The Ukraine/Russia conflict is all over the news right now, but the conflict isn’t specific to Ukraine. There is a global increase in the number of phishing emails received. This month’s Security Scam post will focus on phishing emails and how to deal with them.
Scam of the month: Microsoft Phishing
Phishing schemes aren’t new. They’re something we talk about frequently. Phishing emails are those pesky emails that pretend to be legitimate messages. Following the invasion of Ukraine, Russian agents are also trying to invade IT systems through phishing emails and a wide range of other techniques such as DDOS, social engineering, and more.
According to Avanan, Russian-based credential-harvesting phishing attacks have increased eight-fold. Recently, these emails targeted Microsoft users.
The emails appeared with a subject line and a short message from “The Microsoft account team” explaining that a user from Russia/Moscow had recently logged into the targeted user account from a new device.
We’ve all seen the emails from providers about an unauthorized login, and we’re spurred into action to prevent further damage. These emails counted on users responding quickly, including a “Report the User” button that leads the recipient to a “Mailto:” URL. You may have seen the “Mailto:” URL before in websites and other emails; the “Mailto:” URL opens a new email containing a pre-filled message to be sent to a specific email account.
By replying, users would almost certainly receive a follow-up email for login details and maybe payment information.
As a reminder, there are a few ways to recognize scams in your inbox. Phishing emails may:
- Include a fake invoice.
- Want you to click on a link to make payment.
- Claim there’s a problem with your account or your payment information.
- Say they’ve noticed some suspicious activity or login attempts.
- Say you must confirm personal information.
- Say you’re eligible for a government refund.
- Offer a coupon for free stuff.
Many phishing emails have additional characteristics that can help you and your staff spot them:
- Emails demanding urgent action. Emails that threaten a negative consequence or loss of opportunity unless you take urgent action.
- Emals containeng bad grammar and speling mistakes. See what we did here?
- You're unfamiliar with the greeting or salutation. Emails between colleagues usually have an informal salutation, so if you receive an email from salutations not normally used in informal conversation, it may be phishing.
- Inconsistencies in email addresses, links, and domain names. Always check the sender’s email address against previous emails received from the same organization. You can also hover your mouse pointer over the link to check for a legitimate domain name.
- Suspicious attachments. Since many offices utilize collaboration tools such as SharePoint, internal emails with attachments should always be treated with suspicion.
- Emails requesting login credentials, payment information, or sensitive data. Treat any email that directs the recipient to a login page or payment page with suspicion.
- Too good to be true emails. If it seems too good to be true, it probably is.
As a final reminder, if you see something, say something—even if you feel foolish for speaking up. Not reporting a suspicious email can be just as risky as actually falling for the scheme, since someone else may not recognize the email for what it is.
It’s no secret that the supply chain has been interrupted. Technology is no exception. The interruptions in the supply chain will continue to put cost and time pressure on IT projects. We continue to work with suppliers to provide the hardware necessary for Clients. Still, we recommend that Clients try to plan for any hardware upgrades well in advance. That being said, emergencies do come up, and Anteris can help you work around these delays.
How Anteris can help
Once again, education is key to prevention. Knowing what to look for in phishing emails is going to help reduce their effectiveness.
In addition, awareness is just as important in defeating potential threats. It can be overwhelming to try to stay in front of all possible threats; that’s why having a strategic IT partner like Anteris is so important. Schedule a meeting to find out how Anteris makes technology freeing, not frustrating.
P.S. password hygiene
In addition to information about the current happenings in scams and technology, we wanted to leave you a password hygiene tip of the month.
Like a dentist reminding you to floss, periodically evaluating the health of your passwords can help make your accounts more secure.
This month, we want to talk about password length. The days of short passwords should be behind you. While the recommendation is currently twelve characters, we encourage you to utilize passwords of sixteen or more characters.