SCAM OF THE WEEK: The Keep-It-Simple Scam

In a new scam, cybercriminals use short, simple phishing emails to try to sneak past security-aware employees. The scam itself is a typical credential-stealing phishing attack: You receive an email notification stating that some of your emails could not be delivered. To review these emails, you are directed to click a link. If you click the link, you are taken to a fake login page and any credentials that you enter on the page will go straight to the cybercriminals.What makes this scam unique is the simple phishing email. The email looks like a plain text alert with only a few lines of information and no images or logos. With so few details to look at, it could be difficult to determine if the email is legitimate. To match the plain text design, the link in the email is a long URL instead of the usual “Click Here” type of link. Cybercriminals want you to trust the URL, but if you hover your mouse over the link, you’ll find that the link does not lead to the URL shown in the email.Follow the tips below to help you stay safe from similar, simple scams:

  • Never click on a link in an email that you were not expecting, even if it appears to come from a program or application that you use.
  • When you receive an alert email, ask yourself questions such as: Did I sign up for email notifications? Have I received alerts like this in the past?
  • If you think the notification could be real, log in to the program or application directly instead of clicking the link in the email.

For more information about IT and cybersecurity services for small and medium businesses or to schedule a free initial consultation with no obligation for your business, contact ORAM Corporate Advisors now at (617) 933-5060.

Previous
Previous

New Zoom Feature: Gesture Recognition

Next
Next

ORAM Leveraging Advanced Software to Battle Ransomware