New Phishing Scam Poses As Your Spam Filter
The latest phishing scam making the rounds tricks users by appearing as a message from their spam filter — would you be able to spot this scam if it showed up in your inbox?
Are you concerned about phishing? You should be – it caused $1.7 billion in losses worldwide last year alone.
Phishing scams are constantly evolving, with cyber criminals working to find new ways to trick unsuspecting users into clicking a dangerous link or giving up private information.
Case in point: a new phishing scam has surfaced in which emails are disguised as messages from the user’s spam filter. The fraudulent email tells the recipient that they have new emails to review, and to click a link to do so. By clicking the link, the user unwittingly gives access to their systems over the cybercriminal that sends the email.
Are You A Target For This Scam?
That depends – do you know what spam filter you use? Can you remember the last time you got a message from your spam filter asking you to review emails? Would you be able to tell the difference between it and a fraud?
The best defense for this latest scam is to understand what spam filter you use, and what messages from it look like. That will make it much harder for cybercriminals to fool you.
How Can You Spot A Phishing Email?
- Check The Right Fields: If you’re unsure about an email, check the details on the email itself – specifically the “mailed-by” and “signed-by”, both of which should match the domain of the sender’s address.
- Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it actually leads. While it may look harmless, the actual URL may show otherwise, so always look, and rarely click.
- Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
- Specificity: Another point to consider is how vague the email is. Whereas legitimate senders will likely have your information already (such as your first name) and will use it in the salutation, scammers will often employ vaguer terminology, such as “Valued Customer” – this allows them to use the same email for multiple targets in a mass attack.
- Attachments: Phishers will often try to get you to open an attachment, so, if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.
Are You An Easy Target For Phishing Scams?
If you’re reading this article, then you’re probably worried about phishing — that’s a good thing, it means you’re taking the threat seriously. After all, 65% of organizations in the US have been hit by phishing.
The bottom line is that you can’t ignore the threat of phishing, and by reading this blog, you’re not. And luckily for you, protecting against phishing doesn’t mean you have to understand how to install and configure a complex firewall, or shell out for a next-generation cybersecurity solution.
If you learn only one thing from this article, it should be that phishing doesn’t rely on digital security vulnerabilities or cutting edge hacking technology. Phishing targets the user, who, without the right training, will always be a security risk, regardless of the IT measures set in place.
BoomTech will assist you in training your staff to understand and spot phishing scams when they hit their inbox. Get in touch with us to start defending against phishing.
Hear from Philipp Baumann, owner and founder of BoomTech: