How to spot the phish

We’ve all received those phishing scam emails. They try to pretend they are from big, well-known companies and they try to entice you into clicking on a link. Then the criminals will try to get hold of a legitimate username and password. Or worse, they try to install malicious software on your computer, like ransomware. They used to be easy to spot, by their bad grammar and poor spelling. But they are getting more sophisticated.

Here’s one I received this week. Looks like a real email from Sage. The logo is right. The grammar is perfect. And so is the spelling. One of the links in the email even goes to the Sage website. But the one in bigger text does not. It goes somewhere unrelated to Sage, probably a hijacked website belonging to someone who was not careful about their website security.

This email from Sage looks OK – but take a closer look

This email came to a Gmail account and Google’s spam filters correctly identified this as suspicious and sent it straight to my Spam folder. But this does not always happen, and if you don’t have a spam filtering service in place, it may never happen. So here are a few questions to ask to help to spot the scam.

  1. Do you do business with the company?
  2. Am I expecting an email from them?
  3. Who is the email actually from?
  4. Where does the link go to?
  5. What is the grammar like?

If you don’t do business with them or you weren’t expecting something from this sender, you should immediately be suspicious. You can usually check who the email is actually from. On the face of it, this email says its from Sage, but if you look more closely…
… you can see it comes from an address totally unrelated to Sage. So the email system of that address may have been hacked. Gmail on the web often shows this address but if your email system doesn’t, look for an option like “Show details”.

Try to work out where the link goes. In Gmail, you can usually do this by hovering over the link with the mouse. This may not be as easy within an email program or on a phone, so you might want to adopt the “better safe than sorry” approach and don’t click on links in emails like this.

Finally check the spelling and grammar. Even though they have been getting better, there’s still a lot of scam emails with really poor grammar out there.

Email is a great tool for business communications and most businesses could not work without it. You can get protected by using the right email service with good spam/phishing filters, or by adding an email filtering service to your existing email. But above all:

Be sceptical!

And get in touch for help and advice on keeping your IT systems safe and secure.

5 Cyber Security Tips

Take these small steps to improve your cyber security and stay safe online.

 

  1. Be Cautious When Connecting to Wi-Fi

When setting the password (sometimes shown as passphrase or pre-shared key) for your home or business Wi-Fi, ensure you use a strong password to protect your network and prevent intrusions. You want to keep your Wi-Fi router up to date and name it strategically, so hackers won’t know it’s yours. When connecting to public Wi-Fi, confirm your connection is safe. Know who or what you are connecting to because criminals sometimes set up fake Wi-Fi hotspots so they can hack your device and steal your personal information. Read more

We need to talk about your passwords again!

I thought everybody understood how important good password health is. But I was wrong. You see, people have to tell me their password sometimes. I’m trustworthy so that’s OK! I might be fixing something or setting something up when they aren’t there. I continue to be shocked at how weak some people’s passwords are. I know some of the reasons why. You can read my earlier post How to Escape Password Hell for some of the background.

It’s not just my customers, it’s everywhere. You might have seen this video before, it’s from the Jimmy Kimmel show in the US.

It’s a funny video. It would be even funnier if it wasn’t so frightening.

Is your password is your pet’s name (or your child… or your wife .. or your mother…), followed by a number like a birthday that you’ve probably posted on Facebook at some time? It is? Well, you have to change it NOW.  Especially if you use the same one everywhere.

Read more

4 Golden Rules for Keeping your PCs and your Data Safe

If you use computers in your business or at home it is really important to know how to keep PCs and your data safe.

 

Of course, you could never use the internet, or never connect a USB drive to any of your PCs. But that’s not really practical for most businesses or homes. You need some basic guidelines to help keep you safe.

 

Now, if you heard me talk recently about keeping computers and data safe, you may be thinking “Hang on, doesn’t Ian only have 3 rules?” And you would be right. But I’ve added one. One that I thought was obvious, so, I assumed everyone was doing it. But I was wrong.

 

So here are my refreshed 4 Golden Rules for Keeping your PC and Data Safe.

Read more

Ransomware: How safe are you?

Wannacry screen

Cyber security hit the headlines yet again this week. Several high-profile victims, including the NHS, had their data held to ransom by the Wannacry malware, complete with a demand to pay $300 in bitcoins (about £230) to get the affected files decrypted.  You can learn more about this attack here.

Read more

Gmail Attack: what should I do?

There was a large scale attack on Gmail this week. You can’t have missed it, it even made the BBC News. As many as a million users of Gmail may have been impacted.

You might not think this is important if you don’t use Gmail (or GSuite) in your business, but what if you or your staff access personal Gmail on work computers? Like I do! Read more

How to find a scam on the web in one easy step

If you want to find a scam on the web in one easy step, just type in the URL of a popular website but get one letter wrong. The sort of thing you might do if you were typing really quickly, and not paying attention. You’ll feel like Alice falling down the rabbit hole. It looks like the internet, it works like the internet and a lot of the stuff there is just annoying, but essentially harmless junk and advertising, like the internet. But this is mixed in with a wide variety of scams. Including the ever-popular, and completely evil, “Microsoft” tech support scam.

We’ve all done it at one time. And it just happened to me.

Read more

How to Escape Password Hell

We are in password hell and I’m going to explain how you can escape. Every site or system you use now requires a password. That could mean you end up creating upwards of 30 passwords. Read more

The Security Software Your Computer Needs

 

My computer security mantra is “Be sceptical, get antivirus and always backup”. So which Antivirus package does Computer Troubleshooters recommend for small businesses and home users?

It’s a no-brainer. Your work and home computers, as well as your personal laptop, need an antivirus program in place. But given the range of potential threats today, computer security is about more than just antivirus. ESET Smart Security is an essential tool to help keep your information protected, your devices safe from hackers, and your system’s software up-to-date. That’s why Computer Troubleshooters recommends ESET Smart Security.

4 Reasons to Use ESET Smart Security.

Virus Detected

Read more

Can you remove Cryptolocker?

RansomwareThat’s a question we are hearing more and more. The answer is not so simple because it can be very difficult to remove cryptolocker virues. In my previous article I described 4 fairly simple steps to remove many vriuses, but unfortunately this type of ransomware is not so easy to deal with once your computer is infected. This really is a case of prevention not cure being better.

Read more