With the increase in viruses, ransomware, malware, spyware, phishing and cyber crime in general, it’s now more important than ever that e-mail users should be even more cautious. Although we can not warn you against each and every dangerous e-mail (they are generated too quickly), we can however, tell you their characteristics so you can recognise a potentially malicious e-mail yourself.

Think of it this way – say receiving an e-mail is equivalent to running into someone on the street on a Saturday morning. When it’s a friend, neighbour, colleague or acquaintance you’re generally quite happy to see them and have a chat, because you know them. But when a stranger suddenly comes up to you, your reaction will immediately be different. If that same person hands you a parcel, telling you to open it or says “Dear sir, I want to show you something at my home. Won’t you quickly come with me?”, would you trust them and do it?

Just because the internet creates an illusion of distance, it does not mean these two situations should be dealt with differently. On the contrary, you are much more defenceless  and your information easier to access on the internet than on a street corner.

So why would you trust and react to an e-mail that

– wasn’t addressed to you specifically or is not from someone you know,
– open an attachment (the parcel) someone sent to you and
– click on a link of this person’s website (go to his home)?

CHARACTERISTICS

1. Attachments
   It doesn’t matter how you intrigued are about what’s in that ZIP file, do not open it! The second you open an attachment, you open up your PC for any software and files to be installed on it. In the most recent incident of the Cryptowall 3.0 ransomware, a ZIP file was sent with the subject “My resume”. When it was opened, a .js script was automatically run and this encrypted all the data on the user’s PC. (read more about it here)
2. Spelling and language
   In most cases where phishing takes place you’ll notice that spelling and language will be exceptionally bad. Improper spelling and grammar is almost always a dead give away. Look for obvious errors.Also don’t think an e-mail in Afrikaans is necessarily trustworthy. Last year we had incidents where an Afrikaans ABSA e-mail was copied and used to phish.
3. Faulty or unknown links
   Move your mouse over the links in the e-mail (don’t click on them). The text itself might look like a familiar address, but you’ll notice that the actual link directs to somewhere completely different. The same goes for links to e-mail addresses in the text.
4. A generic greeting
   If an e-mail isn’t personally addressed to you, for example “Dear Mrs du Preez” or something likewise, it’s clearly not meant for you, but rather to a large group of people in an attempt to lure one of them. These e-mails are sent out to thousands of different e-mail addresses and often the person sending these e-mails has no idea who you are.
   If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is coming from ABSA bank but you bank at a different bank.
5. No personal information
   There will be no reference to your specific account information. If the company really was sending you information regarding errors to your account, they would mention your account or username in the e-mail.
6. Due dates
   By adding a due date, the sender tries to create a sense of urgency and his hoping this will spur you on to click on the link ASAP, without too much thought, to resolve this pressing issue.

E-MAIL TOPICS/SUBJECT LINES

1. Problems with your bank account
   Where money is considered, people listen and react. Your account has been closed, someone tried to access it, your information has been changed – all these are attempts to get you to click on a malicious link.
2. Money has been deposited into your account
   Around tax season this is a popular choice and it’s usually “SARS” sending out this joyous news. If SARS indeed wants to give you money, they’ll SMS you. (And how often does this really happen?)
3. Delivery of a parcel
   Someone sent you a parcel and you HAVE to click on a link to confirm, otherwise it won’t be delivered. The post office or a courier service will seldom e-mail you about this.
4. Problems with your e-mail account
   Your password has expired or someone else has accessed your account. All communication related to your e-mail account will always be sent from IT. It will be in a specific format with characteristic graphics, the SU logo and it will also be in Afrikaans and English.
5. Competitions
   You’ve won a competition! Or the lottery. Or you’ve inherited a huge amount of money. Did you enter this competition? Did you play the US lottery? And do you know this family member or person who decided you should be their sole heir?

If you are unsure about the validity of an e-mail, rather contact your bank or SARS directly. Anything else you can just ignore. Don’t reply to it – you’ll only confirm that your address is indeed an existing one and you’ll be getting much more e-mails in the near future.

Remember – cyber criminals know our weaknesses and that we are curious by nature. Don’t fall for it, rather outwit them.

Previous articles on phishing, malware, spyware and viruses.

This entry was posted on Friday, March 27th, 2015 at 11:30 am and is filed under E-mail, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.