Happy New Year! For most of us, the holidays were a little bit different because of COVID. But, one thing that wasn’t different, was how aggressively cybercriminals preyed on the emotions of unsuspecting victims this holiday season. From possible COVID exposure emails, e-gift cards scams, to sale coupons from retailers, cybercriminals really took advantage of our emotions this holiday season. By now, most people have gotten a phishing email about a possible COVID exposures in some form or another within the past couple of months. These are prime examples of how hackers take advantage of our environment to attack.
If you don’t already know, it’s time you understood why these criminals are not only tugging at your heart strings, but your wallet as well. Scams like these are working more often because these cybercriminals are taking advantage of our common weakness: our emotions.
Scammers know people are more likely to fall for their attacks when there’s some sort of strong emotion attached. Whether that emotion is fear or sympathy, they know you’re more likely to click on their email when emotions are involved. Our Security Phishing and Training program helps users identify fraudulent phishes in extensive detail but here are a few tips on how to spot those fake emails.
• Subject line –These are usually attention grabbing and urgent. This makes users feel as if it’s extremely important that they read the email and do as it says. Beware of trigger words like URGENT, IMPORTANT, and WARNING that quickly grab your attention.
• Links – These lead you to a fraudulent phishing page, where you would be prompted to log in or give some sort of sensitive information. If you were to enter your information, it would fall into the hands of the cybercriminal. NEVER CLICK LINKS IN EMAILS. If an email prompts you to click a link, go to the actual website and log in to avoid any potential phishing scams.
• Misspellings – Although we all have our faults when it comes to the occasional spelling error, obvious misspellings of people’s names or domain names are a dead giveaway that this email may be fraudulent.
• Coupons – Coupons that are sent to your email usually looks like the exact same coupon that is advertised on their website. To avoid any phishing scams, go directly to the website to find the coupon OR type in the coupon code you got in your email on the website to verify that the coupon is accurate. When you clink that coupon link in your email, you’re downloading the malware that allows access to hackers even without you entering any information on the website. DO NOT USE COUPON EXTENSIONS. These are security and privacy risks that collect your data and disseminates it to other shopping websites. Any web browser extension can read everything you do on every web page, including your passwords, so don’t let them install in your browser. If you are a Hybridge client give us a call and we can show you where to look to remove browser extensions.
• E-Gift cards - This was a big one this holiday season. Because we weren’t allowed to do much shopping, many people elected to send e-gift cards instead. To avoid these scams, call the person who sent you the gift card to confirm that this is in fact from them before clicking your gift, or (better) copy the gift card redeem code from the email and paste it directly into the retailer’s website. Never click on gift card links.
These tips on how to spot fake emails, coupons, and e-gift cards can save you from not only thousands of dollars of losses but a huge headache in the process. If you would like more information on phishing and cybersecurity or if you want to join our Security Phishing and Training program, contact us at Hybridge.com.