The phishing theme continues as the number of attempts to phish someone by the good old fashioned email continues to rise. The reason for that being that the cost is low or not existing – all the fraudsters need is to acquire a distribution list and then a few people hooked to make a profit.
In one of our latest post we made a list of how to protect yourself or your company from phishing (see below for a reminder). Phishing comes in many different forms and sometimes they are easy to spot and other times you have to look more than twice, but often the giveaway is the sender address. The sender name often looks genuine but the actual sending address often reveals that it is a scam. When you click on the name of the sender UPS, Apple or Amazon, you see that the actual email is a gmail or yahoo address, a sure sign that it is not genuine.
The most popular phishing method these days is to use deleted domains with historical data. The historical data which is connected to the domain makes it easier for example for emails to slide through the firewall. Scammers can use the expired domains to steal credit cards data or they might target email accounts that are linked to the domain to scam customers, clients or steal company secrets. The scammers can also set up catch-all email forwarding data for the domains that they re-register thereby getting access to confidential client data and emails.
How to protect yourself or your company from phishing
1) Make sure to streamline your domain strategy and SoMe strategy
2) Make an internal domain & SoMe policy
3) Register the most important typos
4) Use multi-factor authentication to your domain account
5) Be cautious when opening attachments
6) Think before you click! Do not open links in emails unless you know the sender or at least know why you are receiving the links
7) Never give out personal information
8) Keep your browser up to date
Find out more about what Dotwhat can do for you by contacting us directly at email@example.com