Account takeovers are commonplace and are on the rise. Barracuda Networks did a study 1 and found that by stealing account credentials for email accounts, attackers can use the information in phishing campaigns and other various objectives. These include sending spam, which can be annoying, but attackers often intend to get malware onto a device, which is done through email links or attachments.
It’s important to know when a link or attachment in an email is safe to click. The number one clue is that you were not expecting to receive it. Of course, not all links that you are not expecting are malicious; for example, links to information for a conference you may be attending soon. However, many are and should certainly be deemed suspicious. If you cannot be certain a link or attachment is safe, contact the sender by calling them on the phone. Also, remember not to use information sent in those email messages for contacting the sender. Often, these are fake as well and just take you right back to the attackers.
These old clues still help in detecting phishing emails too:
• The greeting is generic.
• They have misspelled words or poor use of language.
• They use old and/or unprofessional looking images.
• The link doesn’t go where you expect it to if you hover the mouse pointer over it.
Account takeover is a good way for cybercriminals to get the information they need. That’s because phishing email messages often make it past all the perimeter and other security tools that may be in place in an organization. These tools aren’t always able to detect if an email message is phishing. The cybercriminals have become that good at making these look authentic, especially when they are crafted with targeted details that the recipient may believe to be true.
The pressure is on for individuals to keep on top of this threat. And the best way to do this is with continual awareness and education on how to detect recent security threats. And more importantly, how to avoid becoming their next victims. Here at Family Trust, we dedicate monthly blog post on security for our members’ awareness. Be sure to keep up with these tips on how to keep your accounts secure.