Cyber Security - Email Scams
Cyber Security is a real hot topic presently. One of the Government's flagships initiatives is 'Cyber Essentials' a program that is rolling out to raise the awareness to businesses of the cyber threats that exist that can cause at best an inconvenience to your business, and at worst force your company to close.
At www.spartanoutlet.com we have to be on our toes all the time to guard against the constant threat of cyber crime to penetrate our systems, or to just dupe our staff into opening up some nasty piece of malware or virus. Today I am posting an example of just one of the kind of things that you may be subjected to which can cause all sorts of untold havoc - The Email Scam.
This morning I received an email that is branded up to look like an official email from the Insolvency Service. As you can see from the attached image, on first impression it looks relatively convincing with the government department logo and its layout etc. Ultimately this email is designed to concern the viewer into thinking that their business is in trouble in some way and to get you to want to try and find out exactly what the problem is by trying to find out more detailed information by clicking on the DETAILED INFO link in the blue square.
Clicking this link is the opening of Pandora's box, and this is when you will be either diverted to a further website with a call to action, or it may execute some malware/ransomware or virus. Either way, you don't really want to find out as it may be the click that detonates your business!
What to look out for
Should you ever receive any kind of email of this nature and you believe it is genuine and you want to investigate it further, here are some pointers on what to look out for at first, and what else you can do to investigate the email further without harming your PC or network.
As you can see in the attached image of the email, I have circled in red the 2 main obvious giveaways that indicate this email is totally false and is a scam. The first at the top of the image is the email address that sent the message to you. In this case we can see that it reads 'email@example.com' straightaway this should be ringing alarm bells as this domain has no relevance to the UK Government. As you may be aware, all Government domains and URL's all end with '.gov.uk' and normally with a relevant precursor name. To reinforce this you can always do a quick Google search of the domain and see what it throws up. In this case the domain arkeonemlak.net did not find anything and shows that the domain does not respond. This is another great sign that we are dealing with a scam.
Secondly you can then see in the attached image the second red ringed section which shows the address behind the link DETAILED INFO. You can see this address, and any address sitting behind a link easily by just hovering your cursor over the link without clicking anything. Again you can see that the address behind this link goes to some Word Press based website which shows no indication of it being related to a Government website.
If you do really want to open the link, then only do so in what is known as a 'sandbox' environment. Most reputable anti-virus/internet security software packages will allow you to open a link in a protected sandbox environment which will isolate the action and protect your PC and network from whatever would normally happen when opening something like this. If you right the link initially, your software should present you an option to open the link in a safe manner.
So hopefully this post will contain some useful information and if you remain diligent when inspecting your emails, you should hopefully spot these type of suspicious emails well in advance.
Share this post