8 Email Scam Alerts
It is now more important than ever to take cyber security extremely seriously in order to prevent an attack. As cybercriminals up their game and catch even the most vigilant of individuals via various spoofed emails, take a look at these scam email warning signs, which your employees should be looking out for.
For those who are already aware of the dangers we face with email, Symantec has launched comprehensive protection for business email compromise with the deepest visibility into advanced email attacks. If you’re an MSP or VAR and need to offer world class security solutions to your client base, ask our cloud specialists about the robust solutions available in CASCADE.
- When was it sent?
By checking the time of when an email was sent, you can potentially identify hazards. For example, you get an email from your manager at 3.45am. Is this normal? Would you usually receive emails at this time from them? If not, don’t click.
- Check the subject for…
A sense of urgency. Hackers use scare tactics to get you to bite the bate with ‘change your password now’, ‘you’re late with your payment’ or ‘you’ve been charged $134.21’. Do not fall victim to this. Think logically – you know if you’re late on a payment, and you can check your bank account for any deductions. Don’t rush and click through the email and if you do by accident, don’t be tempted to follow any links, download any attachments or send any of your personal details to the sender.
- And then comes the content…
What does the email require you to do? Be vigilantly aware of anything asking you to urgently update details, claim a tax rebate or send your bank details. Hackers will try anything to get you to click through. Don’t trust it unless you are absolutely 100% sure it is safe. Another obvious, tell-tale sign is grammatically incorrect copy. This is particularly notable when the email is claiming to be from large organizations, such as your bank. The subject line may read something like:
Mr Bloggs, Important! Changes To Your Banking Terms and Conditions and Charges and our Banking made-easy brochure!!
Note that the example above includes unnecessary capital letters, extra exclamation marks and randomly placed commas.
The intelligence of today’s cybercriminals is unfortunately proving to work and is catching us out. Some emails now appear to be from someone you already know – an existing contact, but actually, they are an intelligent spoof. This is a very common way these criminals tempt us to click into the malicious email. Hackers do know that we are more inclined to click on emails if they are from somebody who we trust and will use almost exact fake email addresses. Below is a quick made up example of how similar these may be:
Real: [email protected]
Fake: [email protected]
Spot the difference? The ‘walliscargo’ is simply missing one ‘l’. If you’re checking emails quickly, it’s highly likely that you wouldn’t even notice this tiny difference.
Sometimes, the hackers can use your internal email addresses to appear in the ‘from’ box. There may not even be an error to spot here so check for tell-tale signs such as email signatures and check if the email is being vague with details.
TIP: Many business email compromise attacks pretend to be senior executives such as your CEO or COO.
USComputek security solutions
US Computek offers a new feature available within the Advanced Threat Protection stack:
- To whom is it addressed?
A lot of the time, hackers will send many phishing emails to many recipients at one time. If you’re copied into a strange email, or don’t know who any of the recipients are, this should be a warning sign to not click on anything.
- Check the hyperlinks BEFORE you click
If everything looks legitimate in the email, still don’t be fooled. Be even more vigilant by hovering over the hyperlink and checking the destination URL. If it doesn’t match what the description of the email is referring to, DO NOT click on it. If it is completely random, DO NOT click on it. Ensure that you are 100% safe to click before you do. If it appears to be from a colleague, or existing contact, contact the sender directly via phone to confirm whether or not they sent the email.
Next, we move onto attachments. While they may seem harmless, some can contain malicious variations of malware. Generally, if you are not expecting an attachment, don’t open it as may be fraudulent. Another sign to look out for is the file type. Duplicate file types at the end of the file name is a strong indication that the file is compromised, for example ‘docx.docx’, as well as the well-known exe files that are common threat vectors for email.
- Will it delete?
And finally, will the email delete from your inbox? If you swipe right to delete the mail and your phone displays a message like: unable to move message to the mailbox trash, this is a sign that the email is a scam. Depending on your device, contact the manufacturer for assistance with deleting unwanted mail.
Scam Email Samples
US Computek Smart Alert™
REAL TIME THREAT PREVENTION Cyber criminals may attack at any time. To ensure business continuity, you need threat prevention that works nonstop, and can stop attacks before they infiltrate your network. US Computek Smart Alert™ enables you to stay ahead of attackers with real time threat prevention. Leveraging USComputek technologies, it provides the most advanced threat prevention and zero-day protection blocking both known and unknown threats. With over 30 different innovative technologies.
- Network based threat prevention for security gateways, with best-in-class IPS, AV, post-infection BOT prevention, network Sandboxing (threat emulation) and malware sanitation with Threat Extraction.
- SandBlast Agent endpoint detection and response solution with forensics, anti-ransomware, AV, post-infection BOT prevention and Sandboxing on the endpoint.
- SandBlast Mobile advanced threat prevention for mobile devices provides a complete mobile security solution that protects devices from threats on the device (OS), in apps, and in the network, and delivers the industry’s highest threat catch rate for iOS and Android.
- SandBlast for Office365 cloud, part of Check Point cloud security offerings.
SUMMARY – Preventing cyber-attacks, with their wide and fast spread across industries and attack surfaces, is essential and possible. US Computek is the first and only architecture designed to deliver the most complete real-time threat prevention against new generation cyber-attacks, leveraging Check Point’s most advanced products and technologies across all networks, cloud, endpoint and mobile – all managed by a single, consolidated console. Now with US Computek Smart Alert™ Protection you can have the complete threat prevention security you need to battle next generation attacks for a simple per user, per year subscription – including software, hardware, services and support. Ensure business continuity with the only complete architecture that keeps you protected against any threat, anytime and anywhere.
Worldwide Headquarters 471 W. Lambert Rd Suite 111 Brea, CA 92821
Tel: (562) 294-6800 | Email: [email protected]
US Computek, Inc All rights reserved 2018