‘Tis the season.
That’s right the Holiday season brings an uptick in Malware, SPAM and Phishing attempts. (Phishing attempts are emails that try to “trick” you into clicking on a link and/or stealing your credentials). The following information should help you stay safe both at work and at home. These guidelines are applicable to general email usage.
Here are a couple that we’ve seen:
So many things wrong with the one above. First of all, I don’t know the individual who sent the email (it is a real person, their account has probably been compromised). Secondly, the email is actually an image, not plan text. If I hover my mouse over the email, the URL that it points to is not Google Drive but “snipli.com” (snipli.com is a URL shortener – which may be fine OR can be used by hackers to obviscate the real destination). Thirdly, I’m Bcc’d. Fourth, there is very little real information in the email “Please review it and get back to me if interested.” without an explanation of what it is or why I’ve received it is a red flag.
Anytime that you have an attachment that is a .zip file, do NOT click on it. Next, notice that there is no specific information about what I’m “paying” for. This type of message should be marked as SPAM immediately.
Another popular phishing attempt comes from “Amazon”. It may even have the Amazon logo. If you see one like this never click the link. Instead, go to https://amazon.com and sign in there. By the way, clicking on that link would take you to the page below:
Looks pretty legitimate doesn’t it (except for the words Phishing being added). This page would have everything that a thief needs to use your credit card. Again, DO NOT CLICK on the link. Open a browser, enter https://amazon.com in the URL bar and then sign into your account.
The bad guys are trying to do one of the following:
- Trying to get you to install malware
- Trying to steal your credentials
Security is extremely important. Stay safe “out there”.