Statistics show that over 90% of cyber-attacks are a result of successful email phishing campaigns. Malicious attackers often take advantage of current events to tailor email messages to appear more authentic in an attempt to attract users to open and interact with the email message. With the impending election, COVID-19, and respective upcoming holidays approaching, we want to remind people to “Think, before you click the link.”
If you receive unsolicited email messages, take the time to think about why you are receiving this, and what action is the email asking you to perform.
- Do you know the sender, or does the sender’s email address appear suspicious?
- Is the greeting generic?
- Did the sender address you by name?
- Are there attachments?
- Is there a sense of an urgent response by you?
- Were you expecting a message regarding the content of the email?
All of these are indicators of potential phishing.
Malicious actors like to send spoofed emails from internal employees/entities. If the email seems uncharacteristic of an employee/entity or seems sketchy verify it with your IT department before moving forward. If you are at home, just delete it. It isn’t worth the risk.
A method of deception gaining popularity are text messages on your mobile phone or tablet.
We heard of one last week, supposedly from Rogers Mobile, letting the recipient know that “Due to network issues, your account will be credited one month of service.” In this case, the user didn’t have a Rogers account so it couldn’t possibly have been authentic. There was no explanation with the message, just a link to tap to gain the credit.
Infecting your cell phone or tablet can be just a damaging as on your computer.
Be very wary of all communications you receive. Trust your better judgement to stay safe.