While analyzing some of the attacks we see on the Wordfence Web Application Firewall, we discovered code that an attacker was trying to upload that was part of a botnet. In case you’re not in the information security space, a botnet is a network of ‘bot’ or ‘zombie’ machines that is controlled from a central […]
The New Data Protection Laws came into force in Europe (and that includes the UK wether the vote to ‘opt-out’ of Europe or not) on 25th May – are YOU prepared??
I was reading through my emails this morning and I felt a blog coming on.
I checked my SPAM mailbox and I always go through the mail there because occasionally something important ‘slips through’ and I wouldn’t want to delete an important email. Whilst I was going down the list several messages came to my attention as obvious ‘scams’. It got me thinking that, if someone does not have an efficient spam filter (and sometimes mine is too efficient that it censors things it ‘thinks’ I shouldn’t read – a bit like having your Mum go through your post LOL) they could open up a scam message, click on a link and enter their details thinking it is from their bank or a company they deal with. Often we are busy and don’t really ‘read’ the content of our mail – if on the surface it looks OK we trust it. Personally I don’t trust anything that asks me to ‘click through’ but I prefer to read the mail and then take my usual route to their website (paypal, my bank, my utilities, etc… ) and if it is legitimate there will usually be a message on their to perform whatever action was required. Some of the scammers are ‘very’ clever and the mail looks real but some are not. Take a look at these and ‘spot the deliberate mistake’…
First of all a ‘message’ from Apple:
Did you spot it straight away??
Would Apple REALLY put ‘Dears,’ as a greeting? Also this email was sent to an email address that ISN’T the one I use for my Apple login. But if you missed the email address and were in a hurry and missed the greeting you ‘might’ click through and they have got your Apple ID AND your payment details and next thing you know your bank account is empty!! They only need one person out of a thousand and the scam has worked.
Next we have one supposedly from Sainsbury’s:
What is the deliberate mistake in this one?
This one is not quite so dangerous but obviously still not genuine (look how they have spelt ‘Sainsburry’?) you will click and they will have you jumping through hoops with surveys and offers in the ‘hope’ you might win a £450 Sainsbury’s shopping spree (and who wouldn’t want 450 quid to spend in today’s financial climate?) but alas ‘dears’ it is very doubtful you will be entered to win a thing!!! They will have your email address and will just be able to bombard you with MORE spam!!!
Finally we have one from The National Lottery:
On the surface this looks a legitimate email from Camelot (obviously King Arthur knows my email address) BUT I know it is a scam because I am not and have never been signed up for The National Lottery online. On the odd occasion I buy a lottery ticket I go to my local shop – pick my numbers – pay my two quid and eagerly watch the lottery show to see if I have won (then tear the ticket into little bits, stamp on the pieces and curse myself for wasting two quid that might have bought me a chocolaty treat or something LOL). But if you ‘click’ and sign in not only has this scammer got certain other details but your date of birth too!!
So in 3 scams we have given them login details to a site with your name, address and bank details stored and a date of birth that could be used for identity theft. Next thing you know someone is posing as you to obtain credit and you are in a right mess.
So the message of this tale is – be aware of EVERY piece of mail you get into your email account. If in doubt don’t open it or click on ANYTHING it contains and report it as spam or a phishing attempt to your mail provider. They will know what to do and who to contact to get the scammers stopped. After all if you had a letter come through your door that was ticking you would not open it would you? (on that note I know a company who will train you in how to deal with physical suspect mail – SafetY TraiN (click on the link and go to the non-accredited training section – and yes it is safe to do so on this occasion LOL).
I hope this has been useful to you. Please feel free to view my website too Human Interface Publication.
Be safe online and offline too…
These chilling stories about devastating data breaches might keep IT security pros up at night.
Sourced through Scoop.it from: www.techrepublic.com
Keep your data safe. Contact Human Interface Publications for a consultation on cyber safety http://humaninterfacepublications.co.uk