[Published on 12 October, 2021]
The Corona pandemic has given scammers a new lease on life.
Many of us have to sort through spam e-mails as part of our jobs. The senders of such messages have a variety of goals, including obtaining money transfers from unsuspecting victims, stealing personal data, and even infecting computers with malware.
Spammers stand to benefit from the global crisis surrounding the coronavirus. Europol [1] and Interpol [2] have issued alerts about an increase in scam and phishing attempts. In the so-called "Covid-19 fraud," attackers take advantage of people's fears and curiosity.
These five golden rules explain how to recognize phishing emails and how to deal with them effectively:
Not all spam emails are recognizable. Skilled scammers can make emails appear real. Here are some things to keep an eye out for:
Spelling and grammar:
In emails that originate from a professional environment, there is usually very close attention paid to spelling and grammar. If several gross errors stand out here, or if the text looks as if it has been automatically translated, caution is advised.
Emails with warnings that accounts will be deleted or will suddenly be subject to charges in the future, etc., are often spam. The attackers use them to try to alarm the victim in order to grab personal information.
Requests for personal information:
Companies that pay attention to cybersecurity do not ask for personal information in emails, and certainly not bank or credit card data.
Supposed (large) profits:
Winnings with large sums of money and the like (e.g. aristocrats looking for someone to "bequeath" the fortune) are almost always fake. If you have really participated in a lottery, you have to check carefully whether the mail comes from the right sender. Ideally, you should contact the organizer of the competition by telephone before disclosing any data.
Anyone who makes their e-mail address public on the Internet must also expect to receive more spam e-mails. Particular caution is required about where you give out your company e-mail address. Breaches and leaks from the past have shown that access data is not always secure, even at well-known and large corporations. It is best to have a "junk" e-mail address in addition to the company and private e-mail addresses. With this, you can log in to sites from which you do not want to receive e-mails. An alternative is to use services that offer "throwaway" emails, such as https://10minutemail.com/.
If you want to know whether your e-mail is already part of a data leak, you can check this at https://haveibeenpwned.com/.
If you reply to spam, you let the attacker know that the address is valid and in active use. This usually results in more spam and more targeted attacks. Scambaiting (the deliberate stalling of scammers) is fraught with danger and should only be undertaken by those who take adequate precautions.
Furthermore, chain emails should not be forwarded because the content is frequently questionable and spreads quickly. Last year, for example, a lot of false information about the coronavirus was spread in this way.
Most email services (Outlook, Thunderbird, etc.) allow you to block external content. This blocks images and attachments from being loaded from an external server for the time being. The content is only loaded if you actively confirm that external content should be loaded.
Spammers can tell whether or not an email has been opened by looking at external content. This also allows them to verify that the address in question exists. Spam emails can be deleted before they become a risk if external content is blocked. Furthermore, this prevents people from downloading attachments that they do not want to download.
While many spam emails are clearly evident, there are some that seem to be genuine. For example, a spam email may appear to be a legitimate newsletter, but when you click the "Unsubscribe" button, you are directed to a website that contains malicious code.
In general, every email should be carefully examined before clicking on a link or downloading an attachment. Before you click on a link, you can hover over it to see where it takes you. When you follow a link, make sure the page establishes a secure connection (this is indicated by the https:// at the beginning of the URL or the padlock symbol displayed by the browser in the address bar).
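The checks described above (external content that reveals an opened mail, and a link whose visible text differs from its real target) can also be run automatically over a suspicious message. The following Python code is an added example, not part of the original article; the sample message, all domains and the finding names are constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not a real email); every domain is a placeholder.
SAMPLE = """\
From: "Your Bank" <service@bank.example>
Subject: Your account will be deleted
Content-Type: text/html; charset="utf-8"

<p>Confirm at <a href="http://login.attacker.example/verify">https://www.bank.example/login</a></p>
<p><a href="https://news.bank.example/unsubscribe">Unsubscribe</a></p>
<img src="http://track.attacker.example/open.gif?id=42" width="1" height="1">
"""

class Inspector(HTMLParser):  # collects (href, visible text) pairs and remote image URLs
    def __init__(self):
        super().__init__()
        self.links, self.remote_images, self._href, self._text = [], [], None, []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
        elif tag == "img" and urlparse(a.get("src") or "").scheme in ("http", "https"):
            self.remote_images.append(a["src"])  # fetched from a server on open
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def inspect_email(raw):
    """Return (finding, url) pairs for the HTML parts of a raw message."""
    findings = []
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/html":
            p = Inspector()
            p.feed(part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace"))
            for href, text in p.links:
                target, shown = urlparse(href), urlparse(text if "://" in text else "//" + text)
                if target.scheme == "http":
                    findings.append(("not-https", href))
                # Heuristic: link text that looks like a host or URL but names another host
                if "." in text and " " not in text and shown.hostname != target.hostname:
                    findings.append(("text-href-mismatch", href))
            findings += [("remote-image", src) for src in p.remote_images]
    return findings
```

Run over SAMPLE, the first link is reported twice (plain http, and text that shows a different host than the target), the "Unsubscribe" link passes both checks, and the 1x1 image is listed as remote content.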
In general, always be careful with emails. If you follow these rules, it is unlikely that you will fall victim to a phishing attack. It is particularly important for companies to train their employees in the use of e-mail.
We are happy to help!
Increase your organization's security with our Advanced Threat Inspection.
To learn more about how ATI can identify your IT vulnerabilities and strengthen your protection against targeted attackers, please contact our accomplished security experts.