Most of us have heard about Phishing or Email Scam as mostly called. However, I will quickly run through it. Email phishing is an attempt to obtain sensitive data such as usernames, passwords or financial information by emailing someone while pretending to be a known associate. A mail can be sent, convincing you to click a link or download a file.
A dangerous new wave of email scam that falls under phishing is called spear phishing. For spear phishing, the cybercriminals would have trawled the internet using Facebook, Google or LinkedIn in the bid to find out as much information as they can about you. They can go as far as sending emails that contain your personal information to be more convincing.
Another intriguing thing is; they can create fake, but legitimate-looking email accounts to trick you, like sending an email using the email address of a Manager to trick a staff. Let us take LinkedIn as an example, most users have their profile on LinkedIn. Within minutes, I can track 5 people in the same company and understand how their mails are been generated.
Thomas has a friend, James, who is also a colleague. From Thomas’s LinkedIn profile he described himself as an ambitious guy willing to pursue his career. One day, Thomas got an email supposedly from James.
Delighted to have received such news from James, he decided to check out the Pdf file attachment and the clicked the link. On the site page, he saw a login screen and upon entering his office login details, he was unable to login. He tried three more times before considering that it could be a scam. Unfortunately, he has clicked the site (1), entered his office login details (2) and downloaded the attachment (3). 3 means of attack with just a mail. Even if he was smart to have not done the 3, he could have done 1.
Let us analyse it:
Thomas and James both work in Cenox limited and their domain is cenox.com. The sender’s email address (from) shows that the mail is not from the organization. The complete email address carries a different domain.
These are 2 different things.
He failed at checking the email to confirm if it is legit. One more important thing to note; usually the way a scam mail body is written will be suspicious. However, not all scammers make a typographic error in mail composing as we usually believe. They have grown smarter.
Then when Thomas opened the attachment, a malware could have sneaked into his device. Moreover, some attachments are programs that run underneath as attachment. You may not notice a difference or at most, you see the screen blink.
Let me be a little technical
When you open an email, several things start happening in the background that allows it to display properly on your device. Most times if an email includes pictures or resources like special fonts, these are downloaded from the sender’s web server. While many legitimate businesses use this to make more visually appealing emails, these can be abused by criminals to transfer malware to your devices or find out your IP address, location, device details, traceroutes etc. An attacker can piece together the data in seconds and build up an accurate picture of their potential victims even if the email is deleted immediately after opening.
Also, attachments like DOC, PDF, PXT, ZIP etc can hide executable software codes which run on click-open. These codes install malware, such as Ransomware and software that logs keystrokes, allowing cybercriminals to steal login details.
Link is opened by either clicking the link or copying it to a browser. Now, I am not saying all bitly links are scam links but cybercriminals have become so smart that they hide the exact URL under a link shorteners like BITLY API, CUTLY API, OWLY API, YOURLS API etc.
How to stay safe
- Be wary of unsolicited and suspicious emails and mail attachments, even from people you know. Just because an email message looks like it came from an associate doesn’t mean it did. Check the FROM of your email before you open. Some email addresses can sometimes be spoofed, so to double-check, click “reply” to see what email appears in the “To” field. But do not reply to the email
- Use your knowledge of the person (sender). If you receive an email that looks like it’s from someone you know, check carefully to see if it matches their usual phrase or tone. Do they use a name, greeting, or signatures other than the one you’re seeing in the mail?
- Follow your instinct about a mail. Be suspicious. Once the mail looks phishy (Fishy), scrutinize it.
- Save and scan any attachments before opening them. If you must open an attachment before you can verify the legitimacy, save it on your system, manually scan the file with an updated antivirus before you open it. Please pay for an antivirus, stop using free or outdated antivirus.
- Disable automatically download of attachment (if enabled) in your mail Application. This will help you specify which mail you want its attachments downloaded.
- Once you identify a mail to be a scam, send it to the spam folder immediately, rather than just deleting. It will train the spam filter to look out for such emails and mark them as spam. Do not forward to another person. As a best practice run a full system scan on your system with an up-to-date Antivirus.
- For browsing in business centres, users should always log off, clear browsing history or if possible, use in private or incognito tabs. Most browsers have such features.