Beware Phishing Emails

Uploaded on 2019-12-06 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

Despite what people think they know about phishing, they consistently fall victim.

Phishing attempts directed at specific individuals or companies have been termed spear phishing.

 In contrast to bulk phishing, spear phishing attackers often gather and use personal information about their target to increase their probability of success. 

For instance, according to a “verification” email, which purports to be from Microsoft’s Office 365, your email address needs to be updated to the 2020 version. The message warns that your account will be blocked or suspended if you fail to update correctly. It instructs you to click a link to complete the verification and update. However, Microsoft did not send the email and it has no connection to Office 365.

In fact, the message is a phishing scam designed to steal your Office 365 login credentials.  

Clicking the update link opens a page hosted on Google Forms that asks for your username, email address, and password.
If you complete and submit the form, the information you have entered can be collected by criminals and used to hijack your account. Once they have gained access, the criminals can use the account to distribute fraudulent material in your name, access documents you have stored online and commit further fraudulent activities.
Of course, Microsoft would never use a login form supplied and hosted by rival Google. Nor will they ever send you an email demanding that you click a link to log in and update account details. 
It is always safest to login to your online accounts by entering the address into your browser’s address bar or via a trusted app.

A transcript of the scam email: 

OFFICE 365
Your e-mail needs to be updated with our newly released 365-Secure Internet
Security 2020 version of a better resource web-mail spam and
viruses update.
Failure to update correctly will process your email account being temporarily
blocked or suspended from our network
To complete verification and update, click here.
Thanks,
LocalHost

Ironically, the Google Form that the scammers have used to host their fraudulent login form has the following warning at the bottom:

  • Never submit passwords through Google Forms.
  • No legitimate organisation will contact you from an address that ends ‘@gmail.com’.
  • Not even Google.
  • Check the Email Domain before Opening Connections

With the exception of independent workers, every organisation will have its own email domain and company accounts. 
For example, emails from Google will read ‘@google.com’.Many of us don’t ever look at the email address that a message has come from.

Your inbox displays a name, like ‘IT Governance’, and the subject line. When you open the email, you think you  already know who the message is from and jump straight into the content. When crooks create their bogus email addresses, they often have the choice to select the display name, which doesn’t have to relate to the email address at all.

They can therefore use a bogus email address that will turn up in your inbox with the display name Google.But criminals rarely depend on their victim’s ignorance alone. Their bogus email addresses will use the spoofed organisation’s name in the local part of the address.

Phishing emails come in many forms, but the one thing they all have in common is that they contain a payload. 
Usually this will either be an infected attachment that you’re asked to download, or a link to a bogus website, that requests login and other sensitive information.

ITGovernance:           Hoax-Slayer:          Wikipedia

You Might Also Read:

Dealing With Malicious Emails:

By 2021 The Cost Of Cybercrime Will Be $6 Trillion:

 

 

« Free Speech And The Detention Of Julian Assange
Creating A Cyber Incident Response Policy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Splunk

Splunk

Splunk provide real-time Security Information & Event Management solutions for Enterprise Networks, Cloud and small-scale IT environments

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Mitek Systems

Mitek Systems

Mitek's global mobile capture and identity verification technology optimizes the digital user experience for thousands of financial services organizations.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

SMARTEST

SMARTEST

SMARTEST is a world-class IT solutions provider active in the most challenging and demanding industries such as the oil and gas industries.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

HWG

HWG

HWG is a company specialized in providing cyber security solutions and consulting services.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.