Scammers, hackers and cyber security attackers use phishing emails, in which they pose as someone they are not, for financial gain. This allows them to steal sensitive information or deliver dangerous malware. This is usually done by including a link that will appear to take the victim to the fake company’s website to fill-in valuable details, which can then be used by the attacker for their benefit, or by including an attachment that is designed to infect your device with malware. This article will go in-depth into how to spot suspicious messages and what to do if you've already responded to the malicious email.
Freebook Global Technologies is committed to protecting our clients from cyber-crime. We will share relevant information on any potential threats that are emerging in the current climate.
Microsoft recently warned customers about an ongoing COVID-19 themed phishing campaign, that installs the NetSupport Manager remote administration tool1, which allows remote access to the compromised machines. There are many more of these scams happening throughout the world where fraudsters, often posing as health-related organizations, can manipulate the victim into downloading malicious macros. This allows them to steal any cryptocurrency wallets the victim may have, access sites without the user’s password and more.
Despite fraudulent phishing emails often being updated or changed, their tactics are very similar. Knowing what information is valuable to the fraudster is an important step in protecting yourself. Therefore, be wary of any emails or messages that ask you to give your login details and other sensitive information that could grant access to your email, bank, or other accounts.
Another aspect to watch out for is the story that the email is trying to sell. This could be anything from reasons why you must confirm some personal information, links to make an alleged payment to registering for a refund (usually from the government). Calling to verify the information claimed by the email is the best option to avoid giving your details into the wrong hands. You can also look for signs such as:
If you suspect you have received a phishing email, it’s very important not to open any links or attachments that were sent with it. If you aren’t sure if the email is legit, then contact the company the email was allegedly sent from using a phone number or website you know is real. Avoid using the contact information within the suspected phishing email.
If you have received an email, which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.
If you opened a link from a suspected phishing email, you should take these steps:
Brits are losing millions of pounds every year to phishing attacks2. During this crisis, it is paramount to be especially careful of any Coronavirus-related emails that you may receive and to not open any attachments. If you would like to find out more on cyber security contact Freebook Global Technologies.
1 Lawrence, A. (2020). Microsoft warns of 'massive' phishing attack pushing legit RAT [online]. BleepingComputer. Available at: https://www.bleepingcomputer.com/news/security/microsoft-warns-of-massive-phishing-attack-pushing-legit-rat/ [Accessed 15 Sep 2020]
2 Microsoft (2019). Brits are losing millions of pounds a year to phishing attacks – Microsoft is helping to stop that [online]. Microsoft News Centre UK. Available at: https://news.microsoft.com/en-gb/2019/06/07/brits-are-losing-millions-of-pounds-a-year-to-phishing-attacks-microsoft-is-helping-to-stop-that/ [Accessed 15 Sep 2020]