We are now living in an age when hackers are looking for any advantage they can to get your information. Be on the look-out for phishing emails and phishing websites. The hackers are taking advantage of and using people’s fears and desperate attempts to stay up on the current news for the COVID-19 pandemic.
These emails can look remarkably legitimate. They can come from what appears to be a trusted source or company. They may even look like they come from your company. Social networking has provided a plethora of information for the hackers to mine. Just think about all the stuff you share on-line, specifically sites like Facebook or LinkedIn. A good majority of companies have a LinkedIn account. It takes only a few minutes to figure out who the management team is and copy your company’s logo.
Now they have a perfect counterfeit email that they can send to you. They may even register a fake domain that looks really close to your company’s. A domain is the part in the email address after the @ symbol. So they will create a domain like @ac.me.com instead of @acme.com They look almost alike if you are not paying attention. Hackers then can send the email from your CEO’s now look alike account:
They have the company logo, the signature line and the correct person. You have been phished. Worse yet, you, being from HR, have now downloaded the file that said it was a new resume. You downloaded the virus file that has just now locked up your computer with ransomware, and it was a worm, so it also locked up everyone else’s computer in your department.
What You Can Do
Take your time when you receive an email and read it.
Make sure the links go to trusted domains, you can see where the link goes by hovering over the link text. For example:
The link looks like it is going to bring you to acme.com, however, it really is going to bring you to wwdot.net.
If you are unsure, call the person that the email was supposed to have come from to verify.
Some phishing emails have broken English or the wording is just off enough to make you second guess. Trust your instinct.
Get a good virus protection. We recommend an Endpoint Detection and Response (EDR) software from SentinelOne.
Any questions? Feel free to reach out to us.
As always, stay safe out there!