Cybercrime is more than just an illegal tactic designed to threaten a victim’s finances, data and network – it’s a career. To make a living out of cybercrime it takes an unbelievable amount of skill, dedication, cunning and absolutely no conscience.
Recently our IT and cybersecurity specialists at HBP have detected a vast increase in the amount of cybercriminals using seemingly authorised emails to target their victims. Most cyberattacks are influenced by money, whether they take it from you or blackmail you into giving it to them.
You Wouldn’t Give Away Money Or Data To A Stranger – Would You?
There is a prolific new-style of social-engineering ‘impersonator emails’ infiltrating the inboxes of users, despite their spam and email defences. This new breed of deceitful emails is able to arrive in your inbox as they are sent from genuine accounts, of non-cyber-criminal-masterminds – that you may even know. The content of these malicious emails varies from ransomware to social engineering, whereby you are deceived to pass over money or data to someone that you trust. The recent spate of impersonator emails may be sent from real accounts which have been hacked or the owner’s private credentials have been stolen.
Cybercriminals may harvest credentials through social engineering or conduct a Dictionary Attack. The latter is when a hacker exploits known communication endpoints, such as a router, domain or website, and systematically tries to login using common previously verified and hacked credentials in an attempt to match correct password, thus seizing ownership of that user’s rights.
Another form of impersonator email is when a malicious email is disguised by a cybercriminal through convincing graphics or a ‘HTML trick’, which makes it difficult for the receiver to identify that the sender account is fraudulent. Logos, fonts, colour schemes, branding and sender addresses are cloned to appear genuine and gain your trust.
One Click Is All It Takes
An example of the threats that these emails contain is Ransomware, which masquerades as a friendly link or download, however, it just wants you to activate it and let the bedlam begin. The malicious software will begin encrypting your files to copy/steal your data and your user rights on your network may also be compromised. The only way to retrieve ownership of your data and rights is to pay a ransom. Your spam defence is more likely to catch emails with ransomware or viruses within them, however, it is less likely when coming from a genuine account, and even less if it is from within your own network.
Phishing For Data
An additional form of an impersonator email is Phishing. Again, a Phishing email can come from a contact you may know if they’ve been hacked, but third-party cybercriminals can also send them. Phishing emails are designed to socially engineer and manipulate you into voluntarily giving away your data or private information.
Regardless of what information the cyber scum attempt to extort from you, it will be used against you. Bank details, passwords, names, numbers, addresses, your likes, your dislikes, your pets, your friends, what food you like etc. etc. – the list is endless! So you know how and why – now it’s time for what you can do!
Your Data, Your Responsibility
One of the biggest threats to your data and network is you. Ransomware via email is less common to make its way into your inbox, however, Phishing threats are on the rise. Your anti-virus software and spam defence cannot block them because there is no virus in the email – but that makes it far from legal. It’s easy when we talk about “cybercrime” to think of machines instead of the human culprit. They may be cruel, but they are very intelligent and unfortunately, they are very hard to catch. It’s not fair but it’s a fact, therefore we have to educate ourselves on how to detect ‘The Impersonator In Your Inbox’ and prevent it from spreading.
Impersonator emails can occur in both your professional and private emails – so no matter what network you use, a sound anti-virus software and spam defence are needed. As specialists in cybersecurity, HBP practice what we preach and follow the same IT and email security measures that we advise our customers.
A Hacker Can Only Take What’s There
Our internal staff network is restricted, whereby employees can only access what is relevant to their department or role, and certain data is encrypted to only be accessed in specific geographical locations. As Platinum Partners of acclaimed cybersecurity company Sophos, we work closely with them to constantly analyse cybersecurity and re-evaluate our strategy to tackle it. We focus on educating and training our staff and make them aware of the latest threats.
Common Indicators Of An Impersonator Email Include:
1. Sender’s email – is the punctuation correct e.g. firstname.lastname@example.org or email@example.com. 2. No personalisation – has the sender addressed you or does the tone differ to how this person usually writes? 3. Random context and attachments. 4. Bulk recipients – do you know the other recipients? 5. Poor grammar and spelling – unprofessional. 6. Unexpected – would the content be more appropriate delivered in person or via phone? 7. Subject headers – unrelated to the email content. 8. Absence of graphics and branding. 9. And, more importantly than all of the above – does the email concern you? Don’t just blindly believe what you read – ask yourself, does this make sense and is it intended for me? The case where the exploit is so personal and targeted that you can truly answer yes to this is so minuscule – so be as vigilant as possible.
Spread The Word, Not The Spam
In the unfortunate event that you receive a suspicious email DON’T CLICK ANYTHING ON IT. Spam it and delete it immediately. If you’re unsure, do not forward it or reply. If you know the alleged sender, contact them via phone or in person straight away, as their account may have been hacked. Whether it is your best friend or a complete stranger, never disclose private information, credentials or data (belonging to anyone) via email. Your inbox holds emails for years and if anyone hacked into them they would have access to this private information. Most of us have received Phishing emails, and most of us have deleted them without a second thought, however, it only takes being caught out once to compromise yourself.
Cyberattacks are the result of organised crime – it is a complex issue and it’s not going to get easier. Nevertheless, by staying cautious and alert with our online, email and data activity, we massively reduce the risk of compromising our data, which with the implementation of GDPR, none of us can afford to take.