If you are like the majority of people that use email today, you probably have two or more email accounts. Email is becoming a critical way of doing business and it is part of almost every company’s BAU. Battling things like email phishing requires a strong defense, both with user behavior and system controls.
Most of us that use email on a regular basis are getting smarter when it comes to phishing emails! Not only that, but with tools like AVG CloudCare, our computers have a better defense than ever before. However, as a result, the cybercriminals are having to get more clever and aggressive than ever before! It seems like not a single day goes by without someone asking firstname.lastname@example.org about a suspicious email.
With the rise in malware and ransomware in the news, this has all of us at CentraComp paying closer attention to the emails we get too, and over the last few months, we have noticed a significant influx of phishing emails! We have also noticed the level of sophistication has seemed to increase quite a bit. For example, the other day, I received an email from my bank (or so it would seem). The “From:” looked legitimate. The email had the proper logos and the content of the mail seemed like something my bank might send. The email subject was “your password has been changed.” The body of the email explained that my password reset was successful and that I did not need to do anything unless I did not initiate the password reset. It prompted me to click a link if I had not initiated the password reset; and that link was the hook! I hovered over the link and it was NOT a link to my bank. Had I clicked the link, I am certain I would have been routed to a site with malware, or with instructions on how to re-reset my password. In either case, I would have been a victim of phishing.
That is just one example. Others in the CCI team have been receiving emails from Walgreens, Walmart, Target, Costco, Sears, and just about every other store! The subjects seem harmless, and the emails look like typical marketing emails, however, they are not; they are phishing emails!
We have added a few examples at the bottom of this email.
Phishing emails from different commercial sites (stores, credit cards, banks, etc.) are not the only ones out there. Phishing emails can appear to come from someone you know too; maybe even from someone that is a close friend, family member, or colleague at work.
Here are a few rules you should always keep in mind.
- Unless you are one-hundred percent certain that you are expecting a document from someone, don’t click a link to a shared document! If you are unsure, but want a second opinion, we will be happy to give you our opinion
- Likewise, unless you are one-hundred percent certain about any links contained in any email, just don’t risk it!
- If you ever receive an email about your account from a store, bank, credit card, etc… and you don’t know whether you should click on an imbedded link, open an email browser and go directly to the site and login from there. If you have any account issues or notifications that require your attention, that information will likely show up after logging in
- And remember, banks, credit card companies, and most other reputable companies (including social media sites like Facebook, Instagram, Snapchat, etc.) will NEVER ask for your user name and password over email.
Information Security continues to be a top priority at CentraComp! It is important to stay current with your Carbonite subscriptions to maintain a solid backup plan, and your AVG CloudCare subscriptions to maintain a secure environment. These tools work!
If you have any questions, please feel free to contact us a email@example.com.
See this one below, it even offers a way to “unsubscribe”. Don’t believe it. Every link in this email is a link to a phishing webpage.
Here’s one that tried to entice the recipient to click on a link, with hopes of winning fifty dollars.