We wanted to make everyone aware of the latest spam email that included the headling PLEASE VIEW ATTACHED as it has been making its rounds through the email-sphere.
There is a common phishing email that attempts to trick recipients into downloading attachments that claim to come from FedEx or another similar delivery services, which claims to have an attachment or link concerning delivery or package that is meant for you.
If you don’t have a Spam Filtering Service like EveryCloud or Proofpoint AND Multi-Factor Authentication turned on then someone in your organization with fall for a scam and cause a lot of headaches, that’s a guarantee
There are also similar iterations of the ‘view attached’ emails that proclaim that they are coming for a scanner@ or copier@ of domain you may recognize. These are common types of “Spear Phishing” emails to avoid, lately, however, the spammers are removing virus attachments (because spam filters are catching them) and are telling you to access a Google Drive or DropBox file that was sent to you and then will provide you a link where to download it.
These links will send you to a site that looks legit but is, in fact, A COPY of the true website. Often times these types of email will come from people you know but beware because their email address may have been hacked or a spammer may be “spoofing” (or copying) the email address.
Watch this extremely short Video we made that outline the Best 2 Ways to Recognize Spam Emails
So what is “Spear Phishing”, it’s a spamming technique that uses our social behaviors to get us to download their virus or click on a malicious link.
There are certain cues we take when we see phrases that indicate safety (RE:, see attached, check out this link, link to large file, FW:, etc.).
Spammers study click rates so they know what gets people to open or download an email, spammers also know our habitats so they target us with these techniques because they know it works and they know that their emails will have a high success rate.
If you receive an email that is asking you to click on a link to download something just HOVER YOUR MOUSE OVER THE LINK and this will tell you where the link is actually taking you.
Spammers keep getting better because they get to send millions of emails and learn what works
Their goal is to take you to a website that looks legit but is actually a deceiving copy of the legitimate website; their goal with this is to get you to attempt to login to the fake site, thereby submitting your username and password into the fake website’s database.
Once you type your email address and password in, the spammer will use that to log in to your email and will then mine your contacts and then forward the spam email in your name, they will even go so far as to create email routing rules to automatically delete the responses you are getting from your contacts so make sure to check any email rules or Out of Office Messages if you were hacked.
If you weren’t expecting an email from someone, it is advisable to ALWAYS ask the sender if the email they sent was legit or you can forward it to LME and we can take a look and let you know.
Waiting 30 minutes for an “all clear” or “it’s fake” response is much better than submitting all of your emails and contacts to some spammer on the other side of the world.
