Considering the pandemic, Scammers are working overtime to fool you!!!

Have you heard the terms PHISHING and SPEAR PHISHING?

phishing attacksThese are emails that target you and are designed to either gain information about you or your company or to gain access to your computer workstation and subsequently your company network. Current data indicates these types of attacks have recently increased more than 600%.

Don’t be fooled into thinking that you are considered a small business and the perpetrators don’t really care – you are a potential source of income to them. Beyond that, you’re also a source of contacts – that is, more email addresses that can potentially be compromised. No one is immune from the danger of a phishing attack.

General phishing attacks will use some form of ‘social engineering’ to get the recipient to open a link or an attachment. With the current COVID-19 situation, the various emails utilize fear, uncertainty, and doubt with related bogus information. An ALERT or some information bulletin entices the recipient to take some sort of action. Examples: CORONAVIRUS alert arrives stating you have been exposed and you need to take action either by clicking a link for more information, or an attachment that contains some form of malware. Scams relating to the impending tax refund is another opportunity to get you. Virtually anything that is breaking news is used as part of the script.

Here is an example that we received recently:

phishing scams

Again, they want you to panic so that they can take advantage of you while you’re not actively thinking about your own cybersecurity. Being educated will greatly reduce your risk of attack.

In the case of SPEARPHISHING, some background work is completed to collect information about the company to allow a PHISHING email to include information that makes the email appear more legitimate. In a matter of minutes information can be gathered about an organization directly of their website, LinkedIn and Facebook.

SPEARPHISHING attackers want to make you think that you’re interacting with a “trusted” source. A common type of attack is a fake company log-in page – you might think you’re logging into your own company account when you’re actually sending your username and password directly to the attackers.

Personally, I always carefully examine all emails that come to me assuming the email is not legitimate until proven otherwise. Here are 7 clues to watch for in all emails before taking any action.

  1. Who is it FROM?

First, is it from someone you know? If so, is it really? Look very closely at the sending email address. It may be a name you recognize but the actual email address doesn’t match up.

Is it out of character – doesn’t match up with your job role?

Is it from someone you have never heard of before?

Is it an odd email address – like a misspelled company name ie. De11 or Micorsoft?

It is an unexpected email with an attachment or hyperlinks?

 

  1. Who is it TO?

Is it to you or are you the CC list? Example, it might be to a bunch of people in your organization all with the last names starting with the same letter. Might even be a bunch of totally unrelated addresses.

 

  1. When was it SENT?

Was it sent at an unusual time? A weekend or 3AM?

 

  1. What is the SUBJECT?

Does it match the content? Is it a reply to a message you never sent or requested?

 

  1. And, what is the CONTENT?

Within the content part of the email are there spelling errors and grammatical mistakes?

Does it implore you to immediately open an attachment or click on a link to avoid a negative consequence or to gain something of value?

Does the email asking me to look at a compromising or embarrassing picture of yourself or someone else that you may know?

 

  1. Are there ATTACHMENTS?

Is it an attachment you are expecting?

Does the name of the attachment match the content or is it unrelated or generic – example Invoice1

Is it a possible dangerous filetype? Example .EXE or .BAT (there are others).

 

  1. Are there HYPERLINKS?

Is the hyperlink obscured with text or an image with a link associated? When you hover the mouse over the hyperlink, does it match the description? When the link does not match and/or goes to another website that is a huge red flag.

Does the hyperlink contain misspelled websites or use a letter sequence that can be misread easily – like “rn” for an “m” or uu for a w.

Maybe the only content of the message is a long hyperlink.

It really doesn’t matter how great your antivirus or firewall is if you or one of your users clicks the link or opens an attachment of a message that gets through your defenses. You are the last firewall!

The key takeaway is to Think Before You Click anything in an email. Never open an attachment you are not expecting. If you feel it may be legitimate, reach out to the sender via a new email or call on the phone. I have dealt with malware for more than one of my customers that thought it was legitimate. The bad guys are very successful with these campaigns; that is why they continue to do them and up their game.