The Impersonator In Your Inbox
Cybercrime is more than just an illegal tactic designed to threaten a victim’s finances, data and network – it’s a career. Making a living out of cybercrime takes an unbelievable amount of skill, dedication and cunning, and absolutely no conscience.
Recently our IT and cybersecurity specialists at HBP have detected a vast increase in the number of cybercriminals using seemingly authorised emails to target their victims. Most cyberattacks are motivated by money, whether the attackers take it from you or blackmail you into giving it to them.
You Wouldn’t Give Away Money Or Data To A Stranger – Would You?
There is a prolific new style of social-engineering ‘impersonator emails’ infiltrating the inboxes of users, despite their spam and email defences. This new breed of deceitful email is able to arrive in your inbox because it is sent from the genuine accounts of people who are not cybercriminal masterminds, and whom you may even know. The content of these malicious emails varies from ransomware to social engineering, whereby you are deceived into passing over money or data to someone that you trust. The recent spate of impersonator emails may be sent from real accounts which have been hacked or whose owner’s private credentials have been stolen.
Cybercriminals may harvest credentials through social engineering or conduct a Dictionary Attack. The latter is when a hacker exploits known communication endpoints, such as a router, domain or website, and systematically tries to log in using common, previously verified and hacked credentials in an attempt to match the correct password, thus seizing ownership of that user’s rights.
Another form of impersonator email is when a malicious email is disguised by a cybercriminal through convincing graphics or an ‘HTML trick’, which makes it difficult for the receiver to identify that the sender account is fraudulent. Logos, fonts, colour schemes, branding and sender addresses are cloned to appear genuine and gain your trust.
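As an added illustration (not part of the original article), the following Python check flags two signs of the disguised email described above: a display name that shows one address while the real sender address uses another domain, and an HTML link whose visible text shows a different host from its actual target. The sample message, the domains and the function names are constructed for this example, and hostnames are compared exactly, so treat a finding as a prompt for review, not a verdict.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
# Constructed sample (not from the article): the display name and the link text
# show a trusted domain, while the real sender address and href point elsewhere.
SAMPLE = """\
From: "accounts@supplier.example" <billing@supplier-payments.example>
Subject: Updated bank details
Content-Type: text/html; charset="utf-8"

<p>Please review: <a href="http://login.supplier-payments.example/inv">https://supplier.example/invoice</a></p>
"""

DOMAIN_RE = re.compile(r"(?:https?://|@)([a-z0-9.-]+\.[a-z]{2,})", re.I)
def shown_domain(text):
    """First domain visible in text (after '@' or a URL scheme), lowercased."""
    m = DOMAIN_RE.search(text or "")
    return m.group(1).lower() if m else None

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def impersonation_findings(raw):
    msg = message_from_string(raw)  # expects a single-part HTML message
    name, addr = parseaddr(msg.get("From", ""))
    findings = []
    shown = shown_domain(name)
    if shown and shown != addr.rpartition("@")[2].lower():
        findings.append("display-name-address-mismatch")
    collector = LinkCollector()
    collector.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    for href, text in collector.links:
        shown, real = shown_domain(text), shown_domain(href)
        if shown and real and shown != real:  # text shows one host, href another
            findings.append("link-text-href-mismatch: " + href)
    return findings
```

Calling `impersonation_findings(SAMPLE)` returns both findings for the constructed message; neither check helps when the email comes from a genuinely compromised account, which is the other case the article describes.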
One Click Is All It Takes
An example of the threats that these emails contain is ransomware, which masquerades as a friendly link or download; however, it just wants you to activate it and let the bedlam begin. The malicious software will begin encrypting your files to copy/steal your data, and your user rights on your network may also be compromised. The only way to retrieve ownership of your data and rights is to pay a ransom. Your spam defence is more likely to catch emails with ransomware or viruses within them; however, it is less likely to do so when they come from a genuine account, and even less likely if they come from within your own network.