Warning on the latest email scam
For many of you who reading this post you are already thinking... “Here we go again, backup, blah, hacking, blah…” Weeelll… Yes, kinda, but a bit different.
Threats to you and your business are ever changing and so is the threat I want to warn you about today. In the last few weeks, we have seen several instances where people have been caught unawares by fake emails, usually from known contacts. These emails have either links in them to view files, or documents to sign or have a file attached for their review.
Yes, yes... you’ve heard of this right? Well as I said it’s a little bit different.
IMPLICATIONS ARE FAR WORSE THAN WHAT YOU HAVE IN MIND
The latest batch of emails is taking a user to a fake Office 365 or Gmail login portal and asking them to enter their username and password. As most people are less conditioned to think about the sensitivity of their email as opposed to their banking details etc. They are apparently far more likely to comply and enter their details. This usually then results in the page not going anywhere and the user thinking that’s a bit odd.. but usually then moving on to the next item on their ever-growing to-do list.
What has happened here is the username and password for your Gmail or Office365 account have been captured and the criminals who perpetrate these scams now have access to your emails.
Now at first glance, you think that’s not so bad...
WHY THE BIG FUSS?
Well, consider this. What is in the contents of your previous 10 years of emails that you probably have stored on that server? How many passwords, credit card details or other sensitive pieces of information may be found by a few simple searches? Ahhh, now you see why it’s a problem?
WHAT CAN YOU DO?
Our best advice is to firstly BE CAREFUL! And for you to also make the others in your work and home aware of this. The second thing that can be done is to set up 2-factor authentication or 2fa on your email account. You are probably aware of 2-factor authentication from things like your iCloud login, it requires a password and then sends a code to your mobile which you need to enter. The same thing pretty much. However, it means that if you do happen to give away your username and password that it is a lot harder for the hackers to gain access to your emails and the sensitive information stored.
QUESTIONS?
Please contact the team at P1 Technology for more info if you want to discuss what you can do to protect yourself and your client's sensitive information.
Di, Luke and the Team
« Back to News