29th March '17
UPDATE (30/03/2017) – Although this article is more about dealing with email scams, social media scams are also on the rise – have a read of this article to see just how clever the scammers have become.
Did you know that phishing attacks (the name given to an email scammer trying to “fish” for personal and financial details from an unsuspecting recipient) are now the most common source of ransomware and malware? According to Barkly, 85% of organisations have been the victim of a phishing attack, and 60% said that the rate of phishing attacks being received has increased since 2014. It’s vitally important to be aware of the risks and the warning signs!
Yesterday, I received an email at my home email address that was worded as follows (names have been changed to protect the innocent!)
Good day to you, Gareth!
I am bothering you for a very urgent occasion. Allhough we are not familiar, but I have significant ammount of information concerning you. The fact is that, most probably mistakenly, the info of your account has been emailed to me.
For instance, your address is:
[redacted]
I am a law-abiding citizen, so I decided to personal information may have been hacked. I attached the file – Griffiths.dot that was sent to me, that you could learn what information has become obtainable for deceivers.
Document password is – 2412
Sincerely,
Rio Sonnenthal
Being knowledgeable about this sort of thing, alarm bells immediately rang. An unexpected email, from someone that I don’t know, with an attachment? This meant it was almost certainly a virus or some other sort of malware. However, the presence of my real postal address in the email (which has been redacted above for obvious reasons) is something that I’ve never seen before on an email like this, and I’d be lying if I said that it didn’t make me consider the possibility that it may be genuine.
Subsequent inspection of the attachment shows that it is a Word document template that downloads a couple of image files from the Internet, one of which contains a malicious program designed to sit on your machine harvesting banking and financial details – definitely not something you want on your computer!
The fact that the document is password protected is also a method of trying to hide the presence of malware – the file is encrypted and is therefore harder for anti-virus and internet security packages to identify as malicious.
As the scammers get more and more sophisticated, it becomes increasingly difficult to separate legitimate emails from the scammers. However, there are always warning signs and elements of phishing emails that should ring alarm bells:
Above all else – if you are in any doubt whatsoever as to the veracity of an email you have received, delete it!.