Filed Under:

How to deal with an email security impersonation attack

Today we are launching the first in our three-part email awareness campaign which focuses around impersonation attacks.

The idea behind this email campaign is to provide you with some of the industry secrets when it comes to staying safe with your company data and not being the victim of an attack.

The challenges of dealing with an Impersonation Attack

Whether they’re called Impersonation Attacks, business email compromise, CEO fraud or whaling attacks, email impersonation attacks are typically designed to trick recipients into making fraudulent financial transactions by pretending to be from someone they’re not.

Below are some key points when it comes to how to spot the signs of a fraudulent email.

Email Security - Lookalike domainLookalike email domain

Attackers will often register a similar email domain and create a new email ID using a similar name to the person they’re impersonating.

They will then email the target requesting an urgent response. As the email is only slightly different the victim will often not spot the difference and will send the sensitive data that the attacker asks for.

Also, if you are replying to an email that looks genuine, keep an eye out for the email domain when you hit ‘Reply’. If it has changed, don’t send the email.

Edited display names

Another technique attackers use is editing the display name of the sender. If your email app only shows the display name and not the email the attacker can easily fool their victim.

The increasing reliance on mobiles for email access has contributed to the success of such attacks. When you’re accessing your emails from a desktop both the name and email of the sender are shown which lowers the chance of falling for the attack.

A free email account

A common tactic used by cybercriminals is to send a message through a free email account such as Gmail, Yahoo, Hotmail etc.

In the email, the sender will probably indicate that they’ve been locked out of their email account and need immediate help to complete an urgent task.

If you do log onto a site from an email, be aware of what you are being logged into. Check that the website address has a padlock symbol in the address bar and starts with ‘https’. If it’s missing the ‘s’ – the site is not secure.

Top tips if you think you’ve spotted an impersonation attack