Keep alert – email scammers continue to get more convincing!

29.03.17 | Advice, Online safety, Phishing, Security & Tech support

UPDATE (30/03/2017) – Although this article is more about dealing with email scams, social media scams are also on the rise – have a read of this article to see just how clever the scammers have become.

Did you know that phishing attacks (the name given to an email scammer trying to “fish” for personal and financial details from an unsuspecting recipient) are now the most common source of ransomware and malware? According to Barkly, 85% of organisations have been the victim of a phishing attack, and 60% said that the rate of phishing attacks being received has increased since 2014. It’s vitally important to be aware of the risks and the warning signs!

Yesterday, I received an email at my home email address that was worded as follows (names have been changed to protect the innocent!)

Good day to you, Gareth!
I am bothering you for a very urgent occasion. Allhough we are not familiar, but I have significant ammount of information concerning you. The fact is that, most probably mistakenly, the info of your account has been emailed to me.
For instance, your address is:
[redacted]
I am a law-abiding citizen, so I decided to personal information may have been hacked. I attached the file – Griffiths.dot that was sent to me, that you could learn what information has become obtainable for deceivers.
Document password is – 2412
Sincerely,

Rio Sonnenthal

Being knowledgeable about this sort of thing, alarm bells immediately rang. An unexpected email, from someone that I don’t know, with an attachment? This meant it was almost certainly a virus or some other sort of malware. However, the presence of my real postal address in the email (which has been redacted above for obvious reasons) is something that I’ve never seen before on an email like this, and I’d be lying if I said that it didn’t make me consider the possibility that it may be genuine.

Subsequent inspection of the attachment shows that it is a Word document template that downloads a couple of image files from the Internet, one of which contains a malicious program designed to sit on your machine harvesting banking and financial details – definitely not something you want on your computer!

The fact that the document is password protected is also a method of trying to hide the presence of malware – the file is encrypted and is therefore harder for anti-virus and internet security packages to identify as malicious.

How to avoid being the victim of a phishing attack

As the scammers get more and more sophisticated, it becomes increasingly difficult to separate legitimate emails from the scammers. However, there are always warning signs and elements of phishing emails that should ring alarm bells:

Is the email from someone you know? Check the email address the email is being sent from, not just the name. Also, even if it is from someone you know, keep in mind the possibility that they may have been hacked and look out for other warning signs – perhaps contact them through other means to check if they sent the email, you may be doing them a favour as they may not know their account is sending out scams.
Does the email address you by name? Most phishing scams out there will not address you by name, instead starting with something generic like “Dear Account Holder” or “Dear Customer”. However, as you can see from the email above, the scammers are now catching on to this and are stepping up their game!
Does the email have attachments on it? If you receive an email with an attachment that you are not expecting, do not open it! Even if the email seems innocuous and just claims to contain some funny pictures of cats, most attachment types can harbour malicious software.
Is the email asking you to sign in to an account, enter personal details or telling you to change your password? If you receive an email asking you to do this, never click on any links in the email – instead go directly to the website in question by typing the address into your browser. A link in an email like this is more than likely to be fake, and take you to a page that looks identical to the website in question – but it will harvest your details and then sell them to criminals.
Is the email asking you to transfer money? This is a very common fraud tactic, not only against personal users but also against businesses – so called “CEO fraud” – a member of staff will receive an email claiming to be from their CEO asking them to urgently transfer money to a specific bank account for a plausible sounding reason. In reality, the “CEO” is just a scammer specifically targeting organisations. Over 35% of companies have fallen victim to this scam – don’t be one of them!
Is the email badly worded and littered with spelling mistakes? English is often not the scammer’s first language. Poor spelling and sentence structure is a sure warning sign of a scam, but is also sometimes used deliberately to try and avoid spam filters and other email blocking software – stay alert.
Is your anti-virus/internet security software up to date? In an ideal world, you’d be able to spot scams before falling victim to them and opening their attachments – but sometimes, just as I almost did yesterday, something might slip through. In these instances, it’s vital that your computer’s anti-virus/internet security software is kept up to date – it’s your last line of defense.

Above all else – if you are in any doubt whatsoever as to the veracity of an email you have received, delete it!.

↞ Previous article Next article ↠

Cookie	Duration	Description
__stripe_mid	1 year	Stripe sets this cookie cookie to process payments.
__stripe_sid	30 minutes	Stripe sets this cookie cookie to process payments.
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it, before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it, before the share count cache is updated.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_3253734_2	1 minute	Set by Google to distinguish users.
_gat_UA-3253734-2	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
uvc	1 year 1 month	Set by addthis.com to determine the usage of addthis.com service.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
m	2 years	No description available.
xtc	1 year 1 month	No description