Posted on August 10, 2017 by morganr
Phishing Getting Even Better At Fooling Us With Replies
August 10, 2017
If you are a busy person, as we all are, it might be worth a little bit of time to study your email replies before clicking on anything within them. In a recent Comodo Threat Intelligence Lab Report is information on a new iteration of the typical phishing email message. Instead of merely looking like it’s from someone you know or a vendor with which you are familiar to catch you off guard, it now even looks like a reply to one of your own previous inquiries.
The typical format of this new one resembles a message you may receive from a shipper or vendor when you do legitimately ship something. The subject starts with the familiar “Re:” followed by subject such as “shipping information.” However, the included, which is disguised to look like a link to a label or status update will actually redirect users to a site that downloads malware.
To avoid deploying any type of malware onto your work network, be sure you take a little bit of time to review any links or attachments inside email messages before taking any action. Although it is getting more and more difficult to detect the fake ones these days, you can still go through the motions and usually make the right choice.
Carefully review the text for misspellings and grammatical and punctuation errors. These still happen, even though less frequently.
Watch for imperfections in the logos or other graphics.
Hover the mouse pointer over the link to make sure it’s headed where you think it should be. If it just looks like a bunch of random characters, it probably is not a real link.
Look for extra spaces, underscores and special characters littering the URL. In the image posted by Comodo, there is an extra space at the beginning where it should be “www.”
The attack documented in this report lasted for about seven hours, targeted 50 enterprise customers, and affected approximately 3,000 users. It used 585 IP addresses throughout the world. However, the vast majority of those (513) were located within the U.S.
It’s easy to get overwhelmed with activities at work. There is a lot to get accomplished these days and sometimes, even eight hours at the office doesn’t seem long enough. Those in middle management are even more at risk of being victims of phishing emails. So, rather than click through just to get the “new message” dot to disappear from your messages, spend a few seconds reviewing any links or attachments. Then you can avoid setting off potentially another WannaCry incident.