Page 5 - 2105
P. 5
‘Tis the Season for Fraudulent Email’
By David Kretchmar
You have probably already received emails that ap-
pear to come from a bank or other online service million phishing emails about COVID-19 to Gmail us-
requesting that you verify account credentials. You ers every day in March, which Google blocked. In
might have been asked to provide personal infor- April Google was blocking more than 100 million
mation including account and credit card numbers phishing emails a day. And these are just the phish-
and passwords. This is a standard phishing tech- ing emails the tech giant blocked. Yet some still ap-
nique; oddly, the sender is asking for information pear in your Inbox, and If you can’t spot a phishing
they should already have. email, you could be the next victim.
Unfortunately, It is no surprise that the coronavirus pandemic has
“If you can’t spot a phish- during the become a top subject for attackers. The appearance
of any crisis brings new circumstances that provide a
ing email, you could be COVID-19 new environment for cybercriminals to innovate. At
pandemic,
the next victim.” we’ve seen the same time, phishing attacks have also benefited
once again from the number of new remote workers.
that phishing
lures are mutating and they’re often hard to recog- So how do you recognize suspicious emails?
nize. Look at the sender email address
Phishing is a form of social engineering email attack The sender’s email address is the first place to look.
in which the sender tries to gain access to login cre- If it looks “funny” or unfamiliar be careful with that
message. You can check the email address by hov-
dentials, to get confidential information, or to deliver ering your mouse over the ‘from’ address but don’t
a virus. This is accomplished by tricking humans like click. Scammers’ email addresses used to be anony-
you and me.
mous or had very generic names with many num-
Scammers know there’s a good chance that any bers. Sometimes the sender’s email address would-
message will be scanned for malicious content by n’t match the sender’s name or the body of the mes-
the security software of your browser and mail pro- sage.
vider. Google, Edge, and most other browsers are
pretty decent about stopping known spam, but plen- Receiving emails about a
ty still gets through. Scammers are constantly problem with your account
changing techniques. from financial institutions
with whom you have no
relationship is a laughable
tell. But if you do get an
email claiming to be from
your bank, closely review
the email address. The email address is sometimes
the only sign of a scam, due to how professional the
messages look. If you feel the email might be legiti-
mate, check your account the way you would normal-
ly access it (not a link provided in the email).
Keep in mind that any big outfit is going to have an
eponymous address i.e., you contact PayPal at an
Since the coronavirus pandemic started to unfold, address that includes paypal.com.
fraudsters have wasted no time in trying to profit
from the uncertainty and fear connected to the cri- Be suspicious of attached files or unfamiliar links
sis. In March 2020, when this all started, there was Cyber criminals’ emails might contain malware or
a flood of COVID-19 themed spam, spreading mal- send you to a malicious web destination. If you are at
ware, phishing for sensitive information, or offering all suspicious, don’t click. Legitimate service provid-
bogus products. ers don’t send messages requesting you to log in via
an embedded link. Also, pay special attention to at-
According to Google, scammers were sending 18 (Continued on page 6)
May 2021 5
