Recently we have been alerted of a slew of new and very sophisticated email scams, that are designed to get the reader to click on a link that takes them to what appears to be a credible website (something they might recognize, like their Bank Login Page, or Email Account Login Page).
Unfortunately these pages are just 'spoofs' of the real thing, and when the user enters in their login details, they are actually giving the Scammer access to their account information.
Because the original emails received do not contain any malicious content as such, and do not necessarily have any attachments that contain viruses, most Virus Scanners do not catch or stop the email from reaching your inbox.
What is worse is that these emails will often come from a trusted source - and maybe even be in response to a previous email you had sent out in the past...
Falling victim to a Phishing Scam can be absolutely detrimental to a business (or even personal account) as once a scammer has access to your Login Information, it is almost impossible to stop them from stealing more information and then using it over and over to Scam and Phish others from your contacts.
It is a very real and serious concern, and we urge all our clients to be extra vigilant when receiving emails that they might 'feel' are strange (Maybe a friend has sent you an email asking you for information that they never have in the past, or to visit an 'interesting' website via a link, or someone you haven't spoken to in years reaches out to 'reconnect').
If something about an email doesn't seem right, please err on the side of caution and Do Not open any links or attachments.
More than that, Do Not enter your Log In information into any page that opens from a link that has been sent to you via an email.
A good place to check when opening a Link is the address bar on the Browser. If the website address contains a series of 'random' characters or words that seem out of place i.e. www.microsoft.site.com these are signs of something that is not right. Also, always look for the image of the 'Lock' in the left hand side of the address bar, which ensures the web page you are on is 'secure' i.e. image.png
If you have entered your login information onto one of these websites and are concerned about your account, we urge you to change your Email and/or Cloud Services Passwords immediately (also, if you use the same password for multiple Logins, we recommend changing them immediately to something unique for each login. Adding a special character i.e. '!' or "%' is a simple way to do this without forgetting all the passwords)
Some other very good proactive measures to protect yourself, your accounts and your employees from falling victim to these types of scams are as follows:
- Set up a Two Step Authentication for every Account
- Rotate your Passwords every 30 - 60 Days
- NEVER EVER EVER Send Passwords or Login Information via email to others (use text messaging as an alternative way of communicating Passwords)
- Consider Installing a Malware/Spyware and SPAM Filter to catch suspicious emails from getting to your inbox. A good example of a commercial grade email security service is Barracuda
- Implement a DNS Scanning Service i.e. Open DNS. This will help prevent Phishing Links from opening on your Browser
- NEVER EVER EVER Call a Telephone Number from a Website Pop-Up that informs you of a Computer Virus or other threat.
- Educate employees on how to be extra vigilant and recognize potential phishing scams
Please feel free to call us to discuss implementing these steps to keep your personal and business information secure and private.
We live in a world that is so fast paced that often we do not take the time to consider the HUGE risks in the information that we send and retrieve via email and the Internet on a daily basis. There are many criminals out there who are starting to take advantage.
We urge you to take this seriously and consider the important steps we have outlined above.
Read More about Phishing and Spoofing here:
Browse Safely my friends,
Mandy Pisarek Director of Operations