Phishing Scams Use Your Social Network Against You

Be on the lookout for some new, email-based attacks spammers are using to infect people’s machines with malware.

Spear phishing targets companies and individuals directly by sending email that looks like it comes from a coworker or friend but uses a different email address. It’s much harder to spot than your run-of-the-mill fake dating site/drug spam, which is why it’s been so effective.

How are they getting information about my friends, family, and co-workers?

Similar to social engineering efforts, we suspect scammers gather information posted publicly to websites and social networks like Facebook and LinkedIn. Even if your profiles are set to “private,” information may be gathered about you based on the people in your network.

What can I do?

First, make sure you how to identify a spear phishing email:

It’s from a name you know, but there’s a minor misspelling/typo.

Often, this means two characters are swapped, or they’ll add or remove a letter.

Actual email address sallyjones@gmail.com
Spam fakes sallyjjones@gmail.com extra j
salllyjones@gmail.com extra l
salyjones@gmail.com missing l
sallyijones@gmail.com fake middle initial
sallyjenos@gmail.com swapped e and o

 

It’s sent from the wrong domain.

For example, sallyjones@ggmail.com or sallyjones@gmail.cx.

It contains a link to a website.

This can be tricky, because spammers will try to hide dangerous links in a sentence (“Hey, check out this blog post that might help you out at work”) or behind a seemingly legit URL (“Hey, that article I was talking about is on qctimes.com/local-business today.”).

It might even be a link to a compromised area of a site you trust (www.qctimes.com/asdf/badstuffhere/funnyvideo.html). Or, they might try to trick you by using fake subdomains. For example, this web address – www.gmail.tsts.com – would point to our servers here at Twin State, not at Gmail.

Simply clicking on bad links puts your computer at risk.

Even if you aren’t asked to install anything or enter passwords, your machine may be infected by visiting a compromised website. That’s why it’s so important to be on the lookout for spear phishing techniques.

When in doubt, it’s best to check with your source directly.

Tags: ,