You’ve seen it before: a vague email from a suspicious address informing you that your account is having issues and you need to log in to resolve them. These types of spam emails have been a part of our online culture since the dawn of the internet, and recently has been even more prevalent. In this month’s blog post, we’ll go over the most common email scams and how to avoid them.
According to a recent Corridor Business Journal article, attorneys have noted a rise in what are known as login phishing scams. A suspicious looking email is notifying you that there is an issue with your Google/PayPal/Amazon account, and you need to click the link and log in to resolve it. This link is usually leading to a Google Document, Dropbox or OneDrive file that will ask for your credit card information, social security number, username and password, and any other information they think they can get out of you. Of course what will actually happen is it will gather and record your login credentials and personal information. Some tips to avoid these are:
- Always check the sender email address. Businesses such as Amazon and Google will only send from verified email addresses. If you’re uncertain, visit their website’s support section.
- Don’t panic.
- Carefully examine links in the email but don’t click on them. You can do this by hovering over them with the mouse. If they don’t link to the company’s official website, or to an online document, don’t click on them.
Ransomware is a specific kind of phishing that only targets business owners. The idea is that hackers silently infiltrate a business’s database, then either gain access to customer information or lock the business out of the database. To give the business back their information or access to their database, the hackers will demand money, and if their demands aren’t met, release the information to the public.
The hackers are more concerned with getting money from their victims than actually selling the information they obtain, which makes it more difficult to deal with and defend against. Once these attacks have started, they can be very expensive to solve, which means the best approach is prevention. Be wary of suspicious looking emails, ensure your computers are all locked down, and run routine security checks on your infrastructure.
Domain Name Scams
These kinds of scams are targeted mostly at small business owners. The email informs you that there is some sort of issue with your domain (it’s expiring and you need to renew it) and the company will help you through the process. What that company is actually going to do is walk you through the process of transferring ownership of your domain to them.
These emails are usually marked with URGENT or some other notice that you need to act now. As with the previous email scam, it is important to not panic, slow down, and relax. If the company mentions their name in the email, run a Google search on it. Do you know your domain name provider or do you manage it yourself? Log in and see if it is actually expiring. In the end, these emails can be ignored.