Hackers are always looking for ways to make their phishing attacks more effective. Afterall, phishing scams are big business. The last thing a hacker wants to do is to go through all that trouble of social engineering, putting up a fake website and crafting a clever phishing email only to send that email to a dead account. One without a live person on the other end opening the email.
Netflix returns this week in our Scam of the Week section. No real surprises here. According to IT Security Guru, “You may get an email that has the official Netflix logo on it which would say that your payment for the month was not able to go through because of some problem with your bank. The email would then go on to say that if you don’t log in and check your payment details you could potentially end up losing access to your account. Needless to say, when you click the link and log in you will end up giving your account details away to someone that would use them for malicious purposes.”
People are getting wise to IRS phishing scams which happen during tax season. So, what do hackers do? Send out the same phishing emails out of season to catch unsuspecting victims off guard.
According to an article on ARS Technica, “Tax return scammers usually strike early in the year, when they can turn the personal information of victims into fraudulent tax refund claims. But members of Akamai’s threat research team found a recent surge in off-season phishing attacks masquerading as notices from the Internal Revenue Service, targeting over 100,000 individuals.”
It’s the most wonderful time of the year…for hackers. And while all indications are that hackers are actually getting started early this year with phishing emails, you can expect Black Friday and Cyber Monday to be the main events.
According to Global Security Mag, “Black Friday and Cyber Monday marks the traditional start to the holiday shopping season. Yet, with 39% of shoppers starting before then, cybercriminals have kicked off the season early too.” Their research indicates a 400% increase in pre-holiday phishing activity specifically targeted at “well-known online shopping sites.”
At its core, phishing is a pretty simple exploit. Send a malicious email, but make it look like it comes from some person or some company you know and trust.
One of the most frequently-used phishing tactics is domain name spoofing. Domain name spoofing occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This can be done by sending an email with a false domain name that looks like the correct domain name, or including a link in an email to what appears to be a trusted domain.
A lot of people have a Gmail account, which means marketers send a lot of emails to Gmail accounts. It sure would be nice if most or all of those emails could avoid the spam folder. Unfortunately, Google doesn’t see it that way.
According to a new report from Twilio, How Political Campaigns Can Ensure Their Email Messages Hit Home, only 3.8% of email messages from Presidential candidates made it into the primary tab of the Gmail account. What’s worse, is that 21.3% of emails ended up in the spam folder while the remaining 74.8% ended up in promotions.
Here’s a quick, one-question quiz:
If you got phished, you most likely:
- Opened a malicious email attachment
- Clicked on a malicious link in an email
Well, according to Proofpoint’s Q3 2019 Threat Report, if you got phished, there’s an 88% chance it’s because you clicked on a malicious link. So, the correct answer is #1. And that’s just one of the findings in the latest quarterly report.
Microsoft forms a natural base of the computer world. Almost every big or small organization makes use of the tools provided by Microsoft for their daily operations. Initially, Microsoft Office had a few tools. But because they have the basics done right, the enterprise has now expanded to a lot of other utilities. Outlook 365 is such a tool from Microsoft that has above 150 million users in the corporate sector. The platform combines every facility that one would ever need for the smooth functioning of their business, such as storage of files, exchange of emails, etc. It also features seamless integration of OneDrive as well as SharePoint into one platform.
If you have any kind of alarm in your home, like a smoke detector or burglar alarm, you probably don’t think about how it works very often. As it turns out, every alarm, to be effective, actually has to do two things: it has to sense something bad and then it has to take action. In most cases, that action is to blast a really loud signal. Loud enough to wake you up from a sound sleep.
In today’s digital age, emails have become a crucial channel of communication for all organizations. Emails have various benefits, such as reliability, economy, and mobility. Since we exchange a lot of important and sensitive data through emails, it is no wonder that users are seeking the best and latest solutions to uphold the confidentiality of their email contents. Any exposure of the vital information to the wrong people is enough to cripple an organization’s functioning. And a single click on a malicious link is all it takes to compromise the confidential data of an enterprise. Hence, email security plays a crucial role in enterprise networking, and email encryption is the appropriate way to secure emails.