Email is the number one way into your computer or network. Since the onslaught of the Covid pandemic, my company, BeckTek, has seen that just over 53% of all inbound email to our clients was junk, spam and Phishing email.
There are several varieties of Phishing email. Today we'll break down a real-world example of an email I received. I'll walk through how to tell it's a Phishing email and some of the reasons why the scammers did what they did as part of the scam. Here is an example of one I received.
In this example, there are four (4) quick warning signs that the email is not legitimate.
1) Sending email address. The scammers are trying to pretend to be Staples Canada. Referencing "staplesdirect" in the sending address may fool some people. However, Staples' website is actually staples.ca and NOT staplesdirect.shop. Even if Staples decided to send out email from the online store as "staplesdirect", it would normally still end in staples.ca. For example: @staplesdirect.staples.ca
2) Email starts with "Hello Consumer" instead of an actual name. If you purchased something online, you had to provide them a first and last name. As such, the greeting in the email would be specific to you and not some generic opening.
3) File attachment requires a password to open. By enforcing the use of a password to open the file, the scammers are trying to slip the email past traditional security. Traditional security software wouldn't have the password to open the file and scan the contents for problems, which increases the chances of the email getting delivered to your inbox.
4) Instead of a PDF document, used by most online retailers to provide a receipt, the scammers have sent an Excel spreadsheet. Why an Excel spreadsheet, you might ask?
Excel (as well as most office type documents) provides for the use of something called "macros". This allows for software code to be embedded into the file. Used for good, this can add additional functionality to the program and streamline operations and processes.
Used for evil, it can allow the hackers, scammers and cyber criminals to embed malicious code directly into the application. I've even seen the bad guys get creative to try and fool traditional Anti-Virus. They won't run the malicious code right in the file. They'll put instructions into the code to go out onto the internet, download a malicious payload (infected file or virus program) and install it on the local computer. Once a machine is infected on a corporate network, it can then try and spread to other systems within the company.
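The four warning signs above can also be checked automatically when triaging reported mail. The script below is an added example, not part of the original article or any BeckTek tooling. The sample message, the mailbox name `orders`, the greeting list and the sign labels are constructed, and the password check is an assumption of this example: it relies on the fact that a password-protected modern Excel file is stored in an OLE container instead of the usual ZIP format.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

OOXML_EXT = (".xlsx", ".xlsm", ".xlsb")        # ZIP-based unless encrypted
SHEET_EXT = OOXML_EXT + (".xls",)
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE wrapper used by encrypted OOXML
GENERIC_GREETINGS = ("hello consumer", "dear customer")  # constructed list

def domain_matches(sender_domain, expected):
    """True only for the expected domain itself or a real subdomain of it."""
    d = sender_domain.lower().rstrip(".")
    return d == expected or d.endswith("." + expected)

def triage(raw, expected_domain):
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    signs = []
    addr = parseaddr(str(msg["From"] or ""))[1]
    if not domain_matches(addr.rpartition("@")[2], expected_domain):
        signs.append("sender-domain")                  # sign 1
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    if text.lstrip().startswith(GENERIC_GREETINGS):
        signs.append("generic-greeting")               # sign 2
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(OOXML_EXT) and data.startswith(OLE_MAGIC):
            signs.append("password-protected-attachment")  # sign 3
        if name.endswith(SHEET_EXT):
            signs.append("spreadsheet-receipt")        # sign 4
    return signs

def build_sample(sender, greeting, filename, payload):
    """Build a constructed test message (not the real email from the article)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "reader@example.com", "Your receipt"
    m.set_content(f"{greeting},\nYour receipt is attached.\n")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()

if __name__ == "__main__":
    phish = build_sample("orders@staplesdirect.shop", "Hello Consumer",
                         "receipt.xlsx", OLE_MAGIC + bytes(16))
    print(triage(phish, "staples.ca"))
```

The domain check compares on a label boundary, so `staplesdirect.staples.ca` passes while a lookalike that merely ends in the same letters does not.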
How to deal with the threat?
There is no one "magic bullet". The best approach is to have multiple layers of protection. Things like:
Cyber Security really is a team sport - between management, staff and your in-house or outsourced IT Department. One segment of the team performing poorly can have catastrophic results. Don't just take my word on it.
I've created a free report called "The 7 Most Critical IT Security Protections Every Business Must Have In Place Now To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks" which is available here.