The U.S. Justice Department indicted twelve Russian military officers today in a history-making spear phishing scam.
The twelve defendants are charged with conspiring to interfere with the 2016 presidential election by stealing information from email accounts of volunteers and employees of a U.S. presidential campaign. While the scam may sound sophisticated, it is a simple digital fraud, and anyone using email can be attacked—if not cautious. Here are a couple of suggestions on how to protect yourself:
With spear phishing, a hacker sends you an email message that tricks you into disclosing your username and password to a secure account.
The email looks like it comes from a legitimate source, such as Microsoft, Federal Express, or other companies you trust. For instance, you might receive a message stating that your email inbox is "99% full." If you're in a rush or not a sophisticated computer user, you might click on the link to clean up your email inbox. You may not realize that this message is a fraud, and clicking on the link installs a malicious program on your computer that records your keystrokes and sends your passwords to hackers.
Many variations of these schemes exist, and new ones keep appearing so fast, that security software programs cannot keep up. Perhaps the most crucial way to thwart a spear phishing attack is by carefully examining links in emails before clicking.
Hovering over the "Clean Up Mailbox" link in this example displays a link to a strange website and not your email program. If the link looks unfamiliar, do not click on it.
Another popular spear phishing scam is notifying you about a package. Here again, hovering over the link in the email displays a website address that is not Federal Express. Often the "from" email address will tip you off to a fraud.
Phishing emails, until recently, were easy to spot because they commonly contained misspellings and grammatical mistakes. A scan of hundreds of recent phishing messages indicates fewer telltale signs. The scammers are getting smarter.
While the cat versus mouse hunt to protect against spear phishing lately has been won by the evildoers, software solutions are growing stronger. For example, Microsoft Office 365 online users, now have a new way of designating an email as Phishing. This new feature of "blacklisting" a malicious message prevents that same scam from hitting you again and gives Microsoft information about its origin. Of course, anti-virus software is a must.
Also, two-factor authentication is becoming more widely used; This requires you to verify your activities using a cell phone in combination with an email address or website login. It is not foolproof, but it is much more difficult to hack.
If you ever have any questions about the information you receive from us by email, please do not hesitate to call us.
This article was written by a professional financial journalist for Private Group Wealth Management, LLC., and is not intended as legal or investment advice.
© 2018. All Rights Reserved.