We are in the middle of an epidemic in addition to a pandemic 😳!
Over the past five years, the number and intensity of scams and attacks over email has exploded. The move to cloud-hosted services has only served to increase the intensity of these attacks. It is more important than ever to be vigilant.
To better educate you, here are some common attacks:
The expiring subscription scam – “Your subscription is expiring…”
- They pretend to be Microsoft, Norton Security, Google, Apple, or some other recognizable brand in this attack. They tell you that your subscription is expiring and you need to renew it.
- When you click on the link, they take you to a very convincing-looking login page. Some of these login pages look EXACTLY like the login screens that you see every day.
- When you try to enter your credentials, it will tell you that the password is invalid. Most people will start entering all of the various passwords that they use. And you just gave away your credentials. Perhaps for more than one site.
The notification scam – Most of these notices are scams and can be ignored. If you aren’t sure, ask the IT staff.
- “Your payment has been received”
- “Your order has been received”
- “Your order has shipped”
- “Your account/password has been compromised”
- “Your password has been changed”
- “Here is your Purchase Order for ….”
- The common thread on this attack is that you are being notified of activity that you did not initiate.
When in doubt… ask the IT department or your manager.
The impersonation scam – In this scam, you receive an email from someone who uses the name of someone else inside the company:
- From: Joe President <email@example.com>