We recently learned this from LogicNow (a global managed services provider and owner of MaxFocus)... But it isn't really that surprising. We all see scams in our email every day. Below, I've outlined some common ways people are attacked and how to avoid it. Number 3... "The Lie" is a newer and FAR MORE SUCCESSFUL attack. If you read nothing else, read about this one as you can easily defend against it.
What: The Link
How: You get a friendly email asking you to check out a link
Everyone has had the experience where you get a "friendly" email from someone offering a link for you to click. Sometimes it may have your names correctly in the email! The email may read something like this:
Teresa,Hey! I had a great time on my trip. Check out these great pictures! www.URL_that_will_hack_you.com.
If you were to click this link, your computer would be attacked by a malicious website. Questions that pop into most people's minds are:How do they know my name?How do they know my friends name?Are they in my computer now?Usually they aren't. This sort of attack is almost always because your friend had their email address hacked. The attacker copied their address book and now has your address and name. They also know the name of your friend. You can't stop these emails from coming, but you can avoid them.How to avoid "The Link"Have good email. (list of email we like is below) Most biz-class email will block this stuff. It can tell the links are bad and will block even email from trusted friends. If you think one of these is legit, txt or call your friend and ask if it's ok.
What: The Attachment
How: You are sent a bogus attachment
Watch out for the "important fax" or maybe an "overdue bill" email. It will often read like this:
Verizon WirelessTo whom it may concern:Your wireless account is pending cancellation. Please pay the attached bill immediately to prevent service disruption.
If you download this attachment, it may direct your computer to a website that will attack it. Or the attachment itself may be malware.How to avoid "The Attachment"Have good email. (list of email we like is below) Free email is often lacking in spam protection, virus scanning and protection features. Good email often keeps your computer from ever having to defend itself from attacks. Also, if an attachment says it's a "fax" but it is NOT a pdf or word document that this is most unusual. Also, if the document asks you to click a link from within the document... that is also very suspicious. I'd not click a link from a document sent via email. This link, if legit, could have more easily been put directly in the email. The only reason to put it in an attachment is to hide it from your email spam filter!
What: The Lie
How: You are contacted by a friend with a personal message
This is kinda like "The Link", but is much more convincing as it comes from a safe/trusted email address and may have personal info in the email. I have a recent story to illustrate this.One of our customers had a client that had their email account compromised. Neither party new this was going on. The attackers read their emails and sent custom and convincing emails to our client (a CPA firm) asking for financial transfers! If you were a CPA firm and received a friendly, verified email from your client asking to transfer funds, would you do it? If you received a friendly, personal email from your family, would you send them money?
Hey Jim,It's Todd. I need you to transfer some funds to a new account of ours. I have a lawyer friend in Texas that will be doing some work for me. What do you need from me to get this done ASAP?Hope you got over that cold you had.
This is totally creepy. This happens when someone has access to someone's emails and can find personal facts to backup their bogus email. Luckily for our CPA client, they called their client first!
How to avoid "The Lie"
Sadly, since your friends compromised accounts are being used to attack you, the only way to stay safe from The Lie is to ask your friends to get better, safer email (list of email we like is below) and to always be aware that email isn't always safe... and also to verify before sending money ANYWHERE based on an email message.Remember, almost all malware is designed to steal your money! Understanding the motive will help you be safe.Email that does a really good job at keeping people safe:
**Make sure to enable 2-factor authentication or the safety features are partially wasted.
As always, if these methods fail you, your computer is the last line of defense. Have good protection. Like QuickWatch! :)
As a managed services provider, our primary job is to be proactive. We monitor, backup, update, and protect.
We love taking care of our clients, and can help you take care of yours, too! QuickFix offers a robust reseller program!
76% of all malware attacks happen through Email. Not only is our email safe, but it’ll also be your work-horse.
We keep workstations running quickly and safely so that you and your team can focus on working instead of fixing.
Having a reliable, fast, secure network is like having a safe, fast, and secure ambulance. There should never be another way.
Our in-house web team provides white glove web maintenance, construction, and design.