Phishing, Trojans, Account Hijackers, and more.
Lots of things apart from legitimate mail can arrive in your mailbox, and even legitimate email can contain malicious content.
Fortunately, Gmail and other reputable big email providers will automatically block malicious email from even arriving in your inbox.
However, if something gets through, it’s up to you to be able to tell what is legitimate and what is malicious. There are two main types of malicious email:
The Phishing Attempt
Where the sender attempts to convince you that they are someone they are not, for instance, your bank, PayPal, Google, even the Government. More often than not they claim to be from a postal service wanting you to download a “form” or “invoice” to collect a package, but we’ll get onto that a bit later.
An email arrives, it’s from HMRC, your tax rebate is ready and it’s £500! All you have to do is follow this link and punch in your debit card details and they’ll put the money right in your bank account!
A few days later you check your digital banking to see if the rebate has gone in yet, and your account is overdrawn thousands of pounds. All your money is gone, and then some.
You've been “Phished”! The attacker convinced you that you were entering your details into a legitimate website, took them and cleared out your account with them, and probably did the same to many other people too. The attacker is now tens of thousands of pounds richer and vanishes into the digital aether. Their fake website stops working, they stop sending emails and are never caught up with. So it goes, most of the time.
How do I stop it?
Is it tax season? More importantly, is it tax season in your country? Scammers are often unaware of cultural differences and target the USA. So an email from the FBI, CIA, IRS or anything like that demanding information is definitely fake if you live in the UK; that’s obvious. In the US, not so much, but most government agencies still use the postal service, recorded mail, or they send agents to talk to you in person.
Were you expecting contact? If not, it’s more than likely fake, but even if you were, always call a known good number for whoever it was that claimed to contact you and ask for information about the email.
NEVER CALL A CONTACT NUMBER LISTED IN THE EMAIL YOU RECEIVED!
Common Sense! No company or government body will email you out of the blue demanding information.
The Trojan Horse
This is the scenario: you receive an email from “UPS”. Your package has been delayed and you need to download, fill in, and return a form to them.
You dutifully download the form and open it. You have just downloaded and run one of three things: a malicious program disguised as a document, a document file with a malicious “macro” or “script” embedded in it, or a file designed to exploit a flaw in the program that opens it. Either way, the code runs and starts making changes to your computer. Whether it’s just deleting files indiscriminately, installing a keylogger or encrypting all your files, you’re now infected with a virus.
If you catch it in time, you can mitigate the damage by disconnecting your machine from the internet and running a full virus scan as well as deleting the file you downloaded. You will need to be prepared that you may have lost important data on your computer or any attached drives. Consider that computer now “untrusted” and don’t run or access anything sensitive on it, or connect external drives: the virus may spread or may be monitoring your actions.
A variant of this attack is receiving an email or link from someone on your contacts list, which you follow, resulting in the above happening. This is a more advanced form of phishing that requires your contact to have previously been compromised. If you then fall for the same trick, your email address may also start sending out the same links or virus.
The first ever email worm, “Christmas Tree EXEC”, worked on this principle. You can learn more about it here: https://en.wikipedia.org/wiki/Christmas_Tree_EXEC
Whilst not directly malicious, it spread so fast it crashed the mail servers of the time and caused massive network disruption. It resurfaced again a year later when someone found it on an old machine and ran it again.
These are the simple steps to help verify the legitimacy of an email:
CHECK — Read the email thoroughly, do not download any attachments, do not follow any links. Look for odd logos, bad spelling, bad grammar, strange language.
CLARIFY — Is the email from an official domain of the agency? Check the “From” field of the email. (These can be faked, but more often than not it’s just a similar-looking address.)
CONFIRM — Contact the agency or person in question and ask if they sent you anything. If not,
REPORT — I cannot stress this enough. Inform the agency in question that there is a phishing attack going around pretending to be them. (In the UK, report the email to http://www.actionfraud.police.uk/ and they will investigate as well.)
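An added example, not part of the original article, of the CLARIFY check: it compares the domain in the “From” field with a short list of domains you have verified yourself and flags similar-looking addresses. The allowlist entries and the sample messages are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains you have verified yourself from a trusted source
# (a bank card, an official letter). Illustrative allowlist only.
KNOWN_GOOD = {"hmrc.gov.uk": "HMRC", "ups.com": "UPS", "paypal.com": "PayPal"}

def classify_sender(raw_email: str) -> str:
    """Classify the From header of a raw message against KNOWN_GOOD."""
    name, addr = parseaddr(message_from_string(raw_email).get("From", ""))
    if "@" not in addr:
        return "no-address"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    for good in KNOWN_GOOD:
        # Exact match, or a genuine subdomain of the official domain.
        if domain == good or domain.endswith("." + good):
            return "matches-official"  # not proof: the From field can be faked
    for good, brand in KNOWN_GOOD.items():
        # Official name placed at the front or middle of someone else's domain.
        if domain.startswith(good + ".") or "." + good + "." in domain:
            return "lookalike"
        # Near-identical spelling, e.g. a digit swapped for a letter.
        if SequenceMatcher(None, domain, good).ratio() >= 0.85:
            return "lookalike"
        # Brand appears only in the display name, which the sender types freely.
        if brand.lower() in name.lower().split():
            return "display-name-only"
    return "unknown"

SAMPLES = {  # constructed headers for illustration, not real messages
    "official": "From: HMRC <noreply@hmrc.gov.uk>\n\nbody",
    "embedded": "From: HMRC Refunds <rebate@hmrc.gov.uk.refund-claims.example>\n\nbody",
    "typo": "From: PayPal <service@paypa1.com>\n\nbody",
    "name": "From: UPS Delivery <forms@parcel-notice.example>\n\nbody",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", classify_sender(raw))
```

A “matches-official” result only means the address is not an obvious lookalike; the CONFIRM step still applies.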
If you have clicked any links or entered any details, IMMEDIATELY call your BANK and contact ActionFraud (in the UK) using the link above. Also, run a VIRUS SCAN on your computer in case anything has been downloaded and run on it.
If you are expecting an email like the one that has been sent, but something doesn't feel right, always call a known good number for the company in question and check that they did send you an email with an attachment in it.
The only True Protection from this kind of attack is common sense!