Hackers and scammers are using more sophisticated methods to get people to fall for their tricks. They impersonate legitimate companies using the same email templates and logos. With a slightly changed website address, they hope you miss the subtle difference between “www.microsoft.com” and “alerts.micosoftaccount.com” in the “From” address and in any links within the email.
Email spoofing and email compromise are other tricks they use to sneak under the radar. Hackers can use a legitimate email address in the “From” area of an email, but that doesn’t mean it’s from that person. The actual sender is a scammer from a completely different location.
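The two tricks described above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it flags a “From” domain that does not match the envelope sender (Return-Path) and any sender or link domain that is within one typo of a trusted name. The `TRUSTED` list, the function names and the sample message are assumptions made for illustration, and the domain comparison uses only the last two labels of the hostname.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED = {"microsoft.com"}  # assumption: domains you really expect mail from

def edit_distance(a, b):  # Levenshtein distance between two strings
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registrable(host):  # simplification: last two labels; real code needs the Public Suffix List
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def lookalike_of(host):  # trusted domain that `host` imitates, or None
    reg = registrable(host)
    if reg in TRUSTED:
        return None
    label = reg.split(".")[0]
    for trusted in TRUSTED:
        brand = trusted.split(".")[0]
        # Slide a window over the label so "micosoftaccount" is compared as "micosoft"
        for size in (len(brand) - 1, len(brand), len(brand) + 1):
            for i in range(max(1, len(label) - size + 1)):
                if edit_distance(label[i:i + size], brand) <= 1:
                    return trusted
    return None

def check_message(raw):
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    env_dom = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    findings = []
    # A mismatch is a signal, not proof: legitimate bulk senders can differ here too.
    if env_dom and registrable(env_dom) != registrable(from_dom):
        findings.append(f"From domain {from_dom} differs from envelope sender {env_dom}")
    links = re.findall(r"https?://([^/\s\"'>]+)", msg.get_payload())
    for host in sorted({from_dom, *links}):
        if host and lookalike_of(host):
            findings.append(f"{host} resembles {lookalike_of(host)}")
    return findings

# Constructed sample message (not real mail)
SAMPLE = ("From: Billing <billing@microsoft.com>\nReturn-Path: <bounce@mailer.example.net>\n\n"
          "View your receipt: http://alerts.micosoftaccount.com/receipt\n")
if __name__ == "__main__":
    print(check_message(SAMPLE))
```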
Reasons why scammers send these emails
Scammers’ first goal is to grab your credentials. Since way too many people use the same login credentials for multiple accounts, including their work logins, those exposed credentials can be utilized as an entry point into a business and its systems. Minimize this threat by ensuring employees use strong passwords for any work-related systems.
The second goal is to have you download a file that contains malicious code – either by downloading a file you may think is a legitimate receipt or by directing you to a site that contains malware that is activated when you visit the page. Most malware is ransomware which essentially holds your data and system hostage.
Three ways to protect from email scams
- To protect yourself from phishing email scams, use caution when viewing emails. Don’t download or open an attachment from someone unless you are expecting one. The same goes for zip files and HTML files. Be careful with short links as well, such as bit.ly or tinyurl.
- There isn’t always a direct link relating to a phishing attack. The scammer could be asking for specific information or have you contact them for further instructions. For example – requesting you call a number to contact a “support tech” because your computer is compromised, then they ask you to pay for a program or ask for remote access into your computer.
  If you’re unsure whether the link, file, or email is legit, contact the sender in a separate email, using an address you know is correct. Don’t just reply to the email, as you may get bogus info.
- Utilize a comprehensive spam filter to reduce the emails that land in your inbox. In addition, an enterprise-level antivirus program will keep your computer system secure and minimize the risk of becoming compromised should you accidentally click on something you shouldn’t.
Could you identify the 13 types of email threats used today by hackers/scammers? If not, then sign up at https://www.clearcomit.com/email-security/ to watch the on-demand webinar. We include the slides with examples of what to look for in those emails. As a bonus, you can download our quick reference checklist that will help ensure your business is protected from a cyberattack.