fbpx
Everything is a scam

Nothing is true, everything is a scam (Email Phishing Primer pt.7)

/ By / Cyber Security / Cyber Security, cyber-attack, CyberAwake, email threat, Octagon Technology, OSINT, phishing, Smart Thinking Solutions, Social Engineering, social media, threats, Training

Nothing is true, everything is a scam. While this is not terrible advice for the internet and life generally, in this case I am referring to electronic mail. Given the negligible cost of sending email and its ability to target millions, it is of course the perfect tool to trick, scam, steal and be downright pesky on a large scale.

It isn’t always easy to determine if an email is genuine, you must use your own judgement to decide if an email was expected, not masquerading as one of your contacts and is at least potentially true in its claims and isn’t carrying an infectious file. Your data is valuable, information about your credentials, accounts, banking and business files can all be compromised. Stolen data can be used to defraud you, steal money, create accounts in your name and blackmail you.

Red Flag

When trying to determine if an email is real, one of the best strategies is to look at what it is asking for.

Click my “definitely safe” links please

If you are being asked to click a link, this is the first red flag. While not damning in its own right, this is the first eyebrow to be raised.

Give me your details – Login here

If you are presented with a login box, this is the second flag. You might be logging in constantly to different business sites, so it might seem legitimate. But to be sure, navigate separately to the real website and don’t trust the email.

Check out my file -honestbob.virus-

If a file attachment exists, red flag. Sometimes you will get sent a file, this is ok if you can check with the sender and are expecting it. Even files sent by your real contacts can be dangerous if their own system is compromised.

The totally fine request for information

Sometimes all it takes is someone to ask, be careful how you give out information. Millions have been lost to simple requests for banking information given to those not paying attention. Red Flag.

Below are some examples of emails received that are not to be trusted.

Phishing Email Primer

This article has been written as part of the Email Phishing Primer that Clive is writing over on Smart Thinking Solutions. For more information on this cyber security threat that can make it all the way to your computer inbox, you should read these articles:

Phishing Primer – Social Engineering (pt. 1)

Phishing Primer – Social Engineering (pt. 2)

The Phishing Email and AI (pt. 3)

Phishing Primer – Phishing Types (pt. 4)

Email phishing needs bait… (pt 5)

Phishing Attacks – It is in the numbers. (pt 6)

I will come back and update this article once Clive completes the series.

Ben Parker – byline and other articles

Further Reading

Cyber Security Awareness Training

Photo by Bing ( CoPilot )