In a more innocent age (the 1970s to be exact!), the TV advertisers would have us believe that the greatest threat we faced was an attack from a red and white striped straw known as a Humphrey intent upon drinking all of our milk!
Humphreys probably don’t pose such a problem nowadays, but when it comes to the digital world and emails in particular, it pays to watch out for a William (of which, more later) and other suspect email senders.
How many emails do you receive in the average day?
How many of these are dodgy?
I thought it would be helpful to share some common scam emails with you – forewarned is forearmed – and show you some of the features to watch out for. Some of the early dodgy emails were easy to spot; full of poor grammar and spelling errors, often sent from a Nigerian prince, promising riches in return for a handling fee. There are often clues such as sender email address not matching the sender name; we analysed a dodgy tax-related email here.
Contemporary scams can be trickier to detect; indeed they can actually be sent from within your company email system. You can learn more about this in our CEO fraud blog.
A particularly nasty example is doing the rounds at the moment: the Hacker email.
Here’s one I prepared earlier. Email addresses and passwords have been redacted to protect the innocent:
- Sent apparently from your own email address
- Shows you an authentic password
- Threatens to share personal content from your PC with your contacts
- Demands a ransom in bitcoin
IT’S A SCAM, KNOWN AS SCAREWARE. It’s designed to scare you into giving them money. Your email address has not actually been hacked. The password displayed has been purchased from the dark web. If you are still using it, it is high time for you to change it!
Some emails appear more innocuous. Here’s one we know as the William email.
William of UKDT has been busy writing to several of our customers, telling them that he is legally obliged to inform them that someone is trying to register a domain which is similar to their current website. We can’t find evidence of the existence of UKDT, so this basically appears to be a request for an unnecessary payment.
Some are more blatant. Purporting to come from Microsoft or your bank, they ask you to click on a link and supply your password. Rest assured, these organisations would never ask you to reveal pin numbers or passwords in this manner.
How can you protect yourself against these modern-day Humphreys?
- If in doubt, don’t click!
- Get educated about cyber risks.
- Use a spam filter and antivirus software to block dodgy emails.
- Employ strong, unique passwords. Consider using a password manager like Dashlane to help you with this.
- MFA – multi-factor authentication will stop hackers in their tracks, even if they get their hands on your password.
Here at Computer Troubleshooters, we can help you to implement security measures. Perhaps you should consider Cyber Essentialsfor your business. Why not drop us an email!