Protect Yourself Against Spearphishing
The U.S. Justice Department charged 12 Russian military officers today in a history-making spearphishing scam. The 12 defendants are charged with conspiring to interfere with the 2016 presidential election by stealing information from email accounts of volunteers and employees of a U.S. presidential campaign. While the scam may sound sophisticated, it is a simple digital fraud and anyone using email can be attacked if they’re not cautious. Here's how to protect yourself.
With spearphishing, a hacker sends you an email message that tricks you into disclosing your username and password to a secure account.
The email looks like it comes from a legitimate source, such as Microsoft, Federal Express, or other companies you trust. For instance, as shown above, you might receive a message that your email inbox is "99% full." If you're in a rush or simply not a sophisticated computer user, you might just click on the link to clean up your email inbox. You may not realize that this message is a fraud and clicking on the link installs a malicious program on your computer that records your keystrokes and sends hackers your passwords.
Many variations of these schemes exist and new ones keep appearing so fast that security software programs cannot keep up. Perhaps the most important way to thwart a spearphishing attack is by carefully examining links in emails before clicking.
Hovering over the "Clean Up Mailbox" link in this example displays a link to a strange website and not your email program. If the link is unfamiliar, don't click on it.
Another popular spearphishing scam is notifying you about a package. Here again, hovering over the link in the email displays a website address that is absolutely, positively not Federal Express.
Notably, the email account from which this message was sent is not a legitimate FederalExpress.com account.
Often the "from" email address will tip you off to a fraud.
Phishing emails until recently were easy to spot because they commonly contained misspellings and grammatical mistakes. A scan of hundreds of recent phishing messages indicates fewer telltale signs. The scammers are getting smarter.
While the cat versus mouse hunt to protect against spearphishing lately has been won by the evildoers, software solutions are growing stronger. For example, Microsoft Office 365 online users now have a new way of designating a message as Phishing. This new feature of "blacklisting" a malicious message prevents that same scam from hitting you again and gives Microsoft information about its origin. Of course, anti-virus software is a must.
In addition, two-factor authentication is becoming more widely used. This requires you to verify your activities using a cell phone in combination with an email address or website login. It is not foolproof, but it is much more difficult to hack.
If you ever have any questions about information you receive from us by email, please do not hesitate to call us.
- Despite December Turbulence, Economy And Business Optimism Were Strong
- Latest Forecasts Show Economy Is Doing Okay
- A Poignant Moment In Financial History Sparks Stocks
- 'Twas The Last Trading Day Before Christmas
- Stock Plunge Nears Bear Territory After Fed Hike
- A Last-Minute Reminder To Give Wisely And Charitably
- Key Facts About Tariffs, Interest Rates, And Economic Strength
- Fed Chair Extends A Dovish Hand, Lifting Stocks
- S&P 500 Slid Last Week, As Earnings Growth Is Recalibrated
- Last Chance For Pre-Retired Professionals & Biz Owners
- Amid A Swirl Of Controversy, Fed Policy Remained Stable
- More Good Economic News On Friday
- Is Amazon Keeping The Inflation Rate Low?
- Analyzing The Market Correction
- This Week In Stocks And The Economy