It’s not something you’d add to your CV, but cybercriminal is a career for some and it’s becoming increasingly common as cybercrime continues to rise.
To make a living from cybercrime, an individual or group must be skilled, dedicated, cunning and have NO conscience as they could potentially be taking away people’s savings, livelihood or identity.
Our team of experts at Connectus has seen a huge rise in businesses and individuals contacting us when they’ve noticed something suspicious, or unfortunately have been scammed and want to protect themselves going forward.
Most cyberattacks are influenced by money, whether they take it directly from individuals and businesses or by using blackmail techniques to make you hand over what they have asked for.
Would you hand over money to a stranger in the street?
The simple answer is NO!
There are always new means being created to scam people online, the most recent is ‘impersonator emails’ which are catching out hundreds of people weekly.
These emails are sent and look like a normal email arriving in business or individuals’ inboxes despite spam and email defences.
This new breed of deceitful email can arrive in your inbox as they are sent from genuine accounts, of non-cybercriminals, that you may even know.
The content of these malicious emails varies from ransomware to social engineering, whereby you are deceived to pass over money or data to someone that you trust.
The impersonator emails could come from someone you know because their accounts could’ve been hacked, or the owner’s private details stolen.
Cybercriminals identify personal details through social engineering or by conducting a Dictionary Attack – this is when a hacker exploits a router, domain or website, and methodically tries to login using common, previously verified and hacked personal details to match the correct password, and then seizing ownership of that user’s rights.
Another form of impersonator email is when a malicious email is disguised by using convincing graphics or a HTML trick, which makes it difficult for the receiver to identify that the sender account is fraudulent. By using well known Logos, fonts, colour schemes and branding – the email can appear genuine and trick the recipient into opening it (one simple click is all it can take) and engaging with what has been asked of them.
Sneaky and threatening
Cybercriminals are clever and so is the technology they use to trick unsuspecting people or businesses of any size.
An example of the threats that these emails contain is Ransomware, which looks just like a friendly link or download. The malicious software will begin encrypting your files to copy/steal your data and your user rights, your network may also be compromised. The only way to retrieve ownership of your data and rights is to pay a ransom. Your spam defence is more likely to catch emails with ransomware or viruses within them, however, it is less likely when coming from a genuine account, and even less if it is from within your own network.
Phishing is an additional form of an impersonator email used by fraudsters to access valuable personal details such as usernames and passwords.
These details could have a monetary value to criminals and can often be used against an innocent individual often through bogus communications.
Here are a few things to look out for and what to do if you receive a phishing message:
1. Be Aware and Pro-active
When responding to emails never give your login or personal details. If you receive an email from a company that claims to be legitimate but is requesting these details, or a contact number, tell them you will call them back. Use a legitimate contact number for the organisation they may be impersonating.
Please be aware your bank will never ask for your entire pin number, online banking security code or any other personal data via email.
2. Use Your Spam Filter
If you detect a phishing email, mark the message as spam and delete it. This ensures that the message cannot reach your inbox going forward.
3. Know Your Source
Never respond to a message from an unknown source. Take care not to click any embedded links as it could take just a simple click for the impersonator to access your details.
You must protect yourself
You are one of the biggest threats to your network and data. Your anti-virus and spam software cannot block impersonator emails because they do not contain a virus.
Cybercriminals are cruel, but they are very intelligent and unfortunately, they are very hard to catch.
As cybers security experts, Connectus works with businesses to educate them about online protection, how to detect spam emails and how to stop it from spreading to others – family, friends or colleagues.
Common Indicators of Impersonator emails include:
1. Does the email concern you? If not – DELETE it, don’t go any further with it!
2. Sender’s email – is the punctuation correct?
3. No personalisation – has the sender addressed it to you and has the tone differed from how the person usually writes?
4. Random context, attachments, poor grammar and a mix of lowercase and capital letters?
5. Bulk recipients – do you know the other recipients?
6. Surprising – would the content be more appropriately delivered in person or by phone call?
7. Subject headers – unrelated to the email content.
8. Absence of graphics and branding.
Don’t spread spam!
In the unfortunate event that you receive a suspicious email DON’T CLICK ANYTHING ON IT. Send it to spam and delete it immediately. If you’re unsure, do not forward it or reply. If you know the alleged sender, contact them via phone or in person straight away, as their account may have been hacked.
Cyberattacks are the result of organised crime, stay cautious and alert when you are online, with your emails and all other data activity.