I recently attended an online conference hosted by SDN Communications and the Better Business Bureau that discussed the cybersecurity scams that are now being observed. According to the presentation, there has been a 600% increase in various scams since the end of February.
These scams include the traditional type where a thief is trying to impersonate somebody else and scams that attempt to extort money from their victims. One of the main reasons for the increase in this type of scam is that amateur cyber-criminals have more time on their hands, and professional cyber-criminals are trying to further their own agendas.
Since one of the primary methods used by these criminals is compromised emails, I am going to go over the anatomy of a suspicious email. Much of this advice boils down to simple caution. The phrase “when in doubt” comes readily to mind.
When you receive an email that is suspicious, take a few moments, and check it over while keeping a few things in mind.
Anatomy of a Suspicious Emails
Check the spelling. Do you notice any spelling mistakes or grammar mistakes? Oftentimes scammers do not follow regular grammar rules or use the wrong spelling of a word. Other times common words are simply spelled wrong.
Look at the “From:” address in the email and ask yourself if it makes sense. A business email will most likely come from an address that belongs to the business that sent it. ITC, for example, would probably not send an email from Gmail. Often, scam emails come from addresses that are freely available. At other times, scam emails may come from addresses that are similar in spelling to the actual business but are slightly different. This is another time where checking spelling is important.
If the email is requesting personal information, then it is suspicious. Is the email asking you for information that the company should already have? If it does, then there is a good chance that the email is fake. The best thing to do in that case is to use your phone book, either physical or digital, and call or email the company using their published contact information. That way, you know you are contacting the actual company and not a criminal.
Remember that it is not urgent. Does the email have a sense of urgency or fear? Does the email tell you that bad things will happen if you don’t respond quickly? If so, then this is another good time to look up the phone number and call the company. There is a good chance that the email is trying to scare you into reacting without first thinking.
Do not trust phone numbers or other contact information on an email that you are questioning. There is a high chance that the information included does not belong to the actual company, and you could end up calling the criminal.
We must all do our part to remain vigilant as cyber-criminals work to steal, not just our information, but access to our equipment. Be careful and stay safe while enjoying this essential method of communication.
-Michael Martinell, The Broadband Guy