Issue No. 61, August 2017

Spear Phishing – A Serious Email Threat

Spear Phishing is the practice of sending fraudulent emails, ostensibly from a known or trusted sender, designed to induce the recipient into revealing confidential information or installing malicious software.

Unfortunately, these scammers are getting trickier and their attacks are growing in sophistication. As technology progresses they are using new techniques to falsify emails and spoof email domains, and they have learned various ways to avoid detection by applying lessons learned from previous attacks.

Spear Phishing attempts are a growing threat. Even we at KTS have received Spear Phishing emails. One memorable example was crafted to appear as though it was from a client of ours, and claimed that we had overcharged their credit card. The message indicated they wanted a refund immediately. Here is where it gets scary – the sender's domain was that of an actual client, just misspelled slightly. There was an attachment for the “overcharged” invoice, which contained the infected payload or malicious link. The clue that tipped us off that the message was fraudulent was that hovering the mouse over the attachment showed it went to some strange and unrelated website. Other examples include messages about scheduled or missed package deliveries and messages that purported to be cancellation notices for Office 365 services.
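The two clues in that message, a sender domain one or two characters away from a real client's and a link that leads to an unrelated site, can also be checked automatically. The sketch below is an added example, not a KTS tool; the trusted-domain list, the sample message and all function names are assumptions made up for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumed allow-list of domains you really correspond with (constructed).
TRUSTED_DOMAINS = {"example-client.com", "kts.example"}
# Constructed single-part HTML message with a slightly misspelled sender domain.
SAMPLE = ("From: Billing <billing@exarnple-client.com>\n"
          "Subject: Overcharged card - refund required\n"
          "Content-Type: text/html\n\n"
          '<p>See the <a href="http://files.unrelated-site.example/inv">invoice</a></p>\n')

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain, max_dist=2):
    """Return the trusted domain that `domain` nearly matches, else None."""
    near = [t for t in sorted(TRUSTED_DOMAINS)
            if domain not in TRUSTED_DOMAINS and edit_distance(domain, t) <= max_dist]
    return near[0] if near else None

class LinkHosts(HTMLParser):
    """Collects the real destination host of every <a href> in the body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            self.hosts.append((urlparse(href).hostname or "").lower())

def check_message(raw):
    """Warnings for one raw single-part message (multipart is not handled here)."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    imitated = lookalike_of(sender)
    warnings = [f"sender domain {sender} resembles {imitated}"] if imitated else []
    links = LinkHosts()
    links.feed(msg.get_payload())
    warnings += [f"link points to unrelated host {h}" for h in links.hosts
                 if h and h != sender and h not in TRUSTED_DOMAINS]
    return warnings
```

Calling `check_message(SAMPLE)` returns one warning for the misspelled sender domain and one for the link destination.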

Here are some important tips that you can use to identify fraudulent messages and protect yourself:

  1. Protect your computer and emails with antivirus and/or spam filtering. We can help you and your company with best practices, security, and spam filtering.

DO NOT OPEN EMAILS OF WHICH YOU ARE UNCERTAIN. If you receive an email and are unsure, here are some things to look for:

