Tag: phishing

Phishing Message Targets

What are the targets for phishing messages?

Phishing is where scammers send messages by email, text or phone pretending to be from someone you are likely to trust, e.g. your bank, British Gas, Microsoft, your Internet provider, local government, HMRC etc.

Basically, they do this in order to get information from you – personal information that can be sold to scammers, spammers and identity thieves. That includes email addresses, phone numbers, payment card details, bank account details, date of birth etc.

 

Proofpoint’s 2017 Human Factor Report shows that a quarter of all phishing scams target Apple IDs (i.e. login and password).

| Target | Percentage of Phishing Messages |
| --- | --- |
| Apple | 25% |
| Microsoft | 17% |
| Google Drive | 12.9% |
| USAA | 12.4% |
| PayPal | 10.6% |
| Adobe | 5.8% |
| Dropbox | 4.8% |
| Blackboard | 4.7% |
| LinkedIn | 4.5% |
| Capital One | 2.2% |

According to the survey, scammers seem to have the most success when phishing with Dropbox, as that gets far more clicks (13%) than, say, phishing for Apple (1%).

The fact that fake invoices are used in 26% of phishing scams is not surprising as it is the most popular phishing technique aimed at businesses.

The next most common approaches are: malware-infected file attachments, mail delivery failure messages, fake orders and fake payments.

If you have any experiences with scammers, spammers or time-wasters, do let me know by email.

Fightback Ninja Signature

The Account Approved Phishing Scam

You receive an email from Customer Service that says “Your Account Has Been Approved”.

Sounds good.

Hang on a minute – an account at which business?

The email doesn’t specify – there is no business name.

There is loads of stuff about IDs and passwords and congratulations etc. and the link they want you to click seems to be to www.account-uk.ga/UK/account

The suffix .ga means the website is registered in Gabon, West Africa.

The lack of a business name and the registration in West Africa point to the email being a scam. Plus the simple fact that I haven’t applied for any new accounts and hence cannot have been approved for an account I actually want, makes this abundantly clear.

The temptation with these emails is to click to find out what the account is – but don’t be tempted – it’s just a simple phishing scam whereby the website link takes you to a page that asks for more personal information. Plus, clicking the link will mark you as a gullible person suitable to be targeted for future scams.

These emails often name a well-known bank or other financial organization, large retailer, Apple, Microsoft etc.

All scams.

Do not click the link.


How to Spot a Phishing Email


Phishing is where you receive an email that appears to be from a trusted organisation but is designed to get your personal information such as login and password or credit card details.

Anti-virus software can protect you from some of these emails but many get through that protection.

Never put your personal information in an email!

No reputable company will ask for personal details such as passwords, credit card details, mother’s maiden name etc. by email. So, if you do get such a request – refuse.

Phishing emails will usually have some or all of the following indications.

  1. Typing and Grammatical Errors

Many scam emails are translated from another language and that often leaves a tell-tale sign of poor grammar and odd use of words. Anything with typing errors shows a lack of professionalism and is unlikely to be found in an email from a reputable company. Also, some scammers deliberately put grammatical errors in messages to reduce the number of return messages they get.

  2. An attachment

Never click to open an attachment unless you are sure it is safe.

Attached files can contain viruses and other malicious code that can damage your computer, steal confidential information or hold you to ransom. If the company is one that you already deal with, then contact that company to check the email and attachment are safe.

  3. Links

A link may look as if it is safe, but if you hover the cursor over the link then it may display a different value and not what you expect. If this is different to the text, then clearly something is wrong and potentially unsafe.

  4. Don’t Fall For Stories

If an email appears to be from a family member or friend in trouble, don’t reply immediately – check the truth of the story first by other means.

  5. The “From” entry

This is just text so the sender can make it show anything they want. To check the email sender, hover the cursor over the name and it should show the real sender’s email address. Even if this matches, it does not absolutely prove that the email came from that address.

  6. The “To” entry

If the email is from a reputable company that you already deal with, then it should show your correct name. If it shows nothing or ‘To recipients’ or an unknown name, then the email is almost certainly a spam message sent out to large numbers of people. Beware.
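The Links, “From” and “To” checks in the list above can also be run automatically over a raw message. The following Python sketch is an added example, not part of the original post; the sample email, its example.* domains and the names LinkCollector, host_of and check_email are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample message (reserved example domains, not a real email).
SAMPLE = '''From: "service@examplebank.example" <notice@mailer.example.net>
To: undisclosed-recipients:;
Subject: Your Account Has Been Approved
Content-Type: text/html; charset="utf-8"

<p>Confirm your ID and password:
<a href="http://login.example.org/UK/account">www.examplebank.example/login</a></p>
'''

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):  # also accepts bare text such as "www.site.example/x"
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()

def check_email(raw):
    msg, findings = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))      # display text vs real address
    shown = re.search(r"[\w.+-]+@([\w.-]+)", name)   # an address typed into the name
    if shown and shown.group(1).lower() != addr.rpartition("@")[2].lower():
        findings.append(f"From name shows {shown.group(0)} but sender is {addr}")
    if not [a for _, a in getaddresses(msg.get_all("To", [])) if "@" in a]:
        findings.append("To: no named recipient (bulk mail)")
    collector = LinkCollector()
    for part in msg.walk():                          # every HTML part of the message
        if part.get_content_type() == "text/html":
            collector.feed((part.get_payload(decode=True) or b"").decode("utf-8", "replace"))
    for href, text in collector.links:               # what "hovering" would reveal
        if re.match(r"(https?://|www\.)", text) and host_of(text) != host_of(href):
            findings.append(f"Link text {text!r} really goes to {host_of(href)}")
    return findings
```

A message with no findings is not proven safe; as item 5 notes, even a matching sender address does not prove where the email came from.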

STAY SAFE