Today we are launching the first in our three-part email awareness campaign which focuses around impersonation attacks.
The idea behind this email campaign is to provide you with some of the industry secrets when it comes to staying safe with your company data and not being the victim of an attack.
Whether they’re called Impersonation Attacks, business email compromise, CEO fraud or whaling attacks, email impersonation attacks are typically designed to trick recipients into making fraudulent financial transactions by pretending to be from someone they’re not.
Below are some key points when it comes to how to spot the signs of a fraudulent email.
Attackers will often register a similar email domain and create a new email ID using a similar name to the person they’re impersonating.
They will then email the target requesting an urgent response. As the email is only slightly different the victim will often not spot the difference and will send the sensitive data that the attacker asks for.
Also, if you are replying to an email that looks genuine, keep an eye out for the email domain when you hit ‘Reply’. If it has changed, don’t send the email.
Another technique attackers use is editing the display name of the sender. If your email app only shows the display name and not the email the attacker can easily fool their victim.
The increasing reliance on mobiles for email access has contributed to the success of such attacks. When you’re accessing your emails from a desktop both the name and email of the sender are shown which lowers the chance of falling for the attack.
A common tactic used by cybercriminals is to send a message through a free email account such as Gmail, Yahoo, Hotmail etc.
In the email, the sender will probably indicate that they’ve been locked out of their email account and need immediate help to complete an urgent task.
If you do log onto a site from an email, be aware of what you are being logged into. Check that the website address has a padlock symbol in the address bar and starts with ‘https’. If it’s missing the ‘s’ – the site is not secure.