The number of personal records exposed skyrocketed to 285 million records at the close of 2008, compared with 35 million in 2007. It was the largest collection of lost data on record and experts say early figures from 2009 look to continue the trend. The teenage hackers from yesteryear have grown up, they’re now smarter and they’ve finally figured out how to make a profit.
Making the assumption that most businesses are up to speed with anti-spam and anti-phishing software, there should still be concerns for those who work from home. How savvy are you when it comes to spurious email messages?Two days ago I received the email below. For once, the sender had me right where they wanted me and even managed to avoid landing in my junk email folder. It looks legit but it’s actually a phishing email.
Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details through emails or websites that mimic a target company. In this case, it’s the Abbey, to whom I am actually a customer. It only took me a few seconds to become suspicious but unfortunately thousands of people are still hoodwinked by emails like this every day. To reduce the risk of falling for these scams however, I have pointed out a few tell tale signs on the screenshot above.
Look for Generic Greetings: Because they are sent in bulk to many recipients, scam emails use generic greetings such as "Dear account holder" or "Dear [targeted institution] customer". Think about it; every piece of mail you receive from your bank no matter how insignificant has your name on it somewhere. Don’t just assume they forgot this time. It’s simply not them.
Obscure links: Go on to Abbey.com (or corresponding corporation) and you will see that all pages begin with an ‘abbey.com/....’ prefix. Hovering my mouse over the link contained in the message showed the address to begin: ‘http://www.albaricevimenti.it/........’ : This turns out to be a genuine Italian hospitality site that has probably also been compromised – but most notably it’s not the Abbey National. Upon clicking this link I am presented with a web page that looks identical to my genuine online banking log on screen. However, this one comes with the added bonus of a Trojan key-logging Virus embedded within the page. Anybody tricked into logging into the fake page will in fact be providing their account details directly to the internet scammers. Once the scammers have these details, they are then able to login to their victim’s secure Abbey account.“From” address: Similar to the URL link, one can only assume that a legitimate sender would have a uniform “abbey.com” address. The sender of this one, an ‘online@nllinux-fe01.int.active24.com’ doesn’t inspire a huge amount of confidence.
Fortunately, this fraudulent email was relatively easy to detect. However, others are not so straightforward to suss out. More sophisticated hackers may have gained access to your name, address and perhaps even some of your bank details. They may disguise the hyperlink and sender address to appear legitimate, or send the email as a clickable image file so no matter where you click on the email the bogus website will open. Some say your account has been suspended and needs to be reactivated in a certain time period; others tell you your card balance is overdue.It is crucial to recognise here that banks will never send an email to you asking for your account details. Treat any unsolicited email from a bank or other institution with the utmost suspicion. Rather, copy and paste the first few lines of the email into a search engine along with the word ‘scam’. This will quickly show you whether other people have received something similar to which they frequently have. If you have any doubts at all about the honestly of an email, contact your bank or institution directly. Do not click any links, supply any information, reply to the email or open any attachments. Report the scam and delete the email from your computer as soon as possible.
Tweet
Add your comment