How to Tell if an eMail is Real or Faked

Last month we wrote about the consequences of having a small business owner's email account stolen. This article is about an exploit that happens far more frequently. Phishing attacks happen every day. Good anti-spam/anti-spyware systems can provide a lot of protection. We use and recommend Mimecast for our clients. Still, it's possible for sophisticated fraudulent emails to get through. Here's some good advice for everybody regarding how to check emails, even ones that appear to be from trusted senders.

By now, you’ve heard about phishing – fraudulent emails that masquerade as communications from a legitimate source and trick unsuspecting readers into giving up personal information or compromising their machines with spyware or viruses. Thankfully, email filtering and security has improved a great deal over the past few years. Unfortunately, no matter how effective the security, some phishing emails will always make it to the inbox – that’s where you come in. Here are some tips to help you identify a phishing or spoofing email.

Don’t trust the name

A favourite phishing tactic is to spoof the display name of an email. It’s easy to set the display name of an email to anything – you can do it yourself in Outlook or Gmail. It’s the simplest and most easily detected form of e-mail spoofing: it involves simply setting the display name or “from” field of outgoing messages to show a name or address other than the actual one from which the message is sent. When this simplistic method is used, you can tell where the mail originated by checking the mail header.

You can’t trust the header 

It’s not just the display name that can be spoofed, but also the email header. Emails are built on some very old technology (in internet terms): SMTP, or Simple Mail Transport Protocol. When you send an email, it goes to an SMTP server first, then the message is relayed from SMTP server to SMTP server across the internet. When the message arrives at its penultimate destination, the email is stored in the recipient’s mailbox at a POP3 (Post Office Protocol 3) server. Finally, the message is fetched by an email client so the recipient can read it. While this may seem complicated, the important thing to remember is that SMTP just passes along what it was given. Clever fraudsters can fool the SMTP server into sending along an email that isn’t legitimate.

There are several technical ways to figure out if this is the case, but the simplest method is to see where the “reply to” section of the full header will lead you. If it indicates that your reply would be redirected to an address that’s different from the sender’s address, then you have good cause to be suspicious.
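The display-name and “reply to” checks described above, written as a small Python script. This is an added example, not part of the original article; the two sample messages and every address in them are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Matches an email address and captures its domain.
ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

# Constructed sample: display name imitates one address, replies go elsewhere.
SPOOFED = """\
From: "ap@vendor.example" <billing@mailer.invalid>
Reply-To: payments@collector.test
To: owner@smallbiz.example
Subject: Updated wiring instructions

Please use the new account for this payment.
"""

# Constructed sample: display name, sender and Reply-To all agree.
CLEAN = """\
From: "Vendor AP" <ap@vendor.example>
Reply-To: ap@vendor.example
To: owner@smallbiz.example
Subject: Invoice

Invoice attached.
"""

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def header_findings(raw_message):
    """Return a list of reasons to be suspicious of the From/Reply-To headers."""
    msg = message_from_string(raw_message)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(from_addr)
    findings = []
    # An address typed into the display name that differs from the real sender.
    for m in ADDR_RE.finditer(display):
        if m.group(1).lower() != from_dom:
            findings.append(f"display name shows {m.group(0)} but sender is {from_addr}")
    # Replies redirected to a different domain (exact match; subdomains differ too).
    for _, reply in getaddresses(msg.get_all("Reply-To", [])):
        if reply and _domain(reply) != from_dom:
            findings.append(f"replies go to {reply}, not {from_addr}")
    return findings

if __name__ == "__main__":
    for line in header_findings(SPOOFED):
        print("SUSPICIOUS:", line)
```

An empty result only means these two checks found nothing; since the header itself can be forged, a matching “reply to” address does not prove the message is genuine.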

Data Breaches Making the Headlines in 2016

We've written about a small business user and the aftermath he faced from the Yahoo 1 billion email address data breach. There were plenty of others. Here's a summary of some of the other major data breaches in 2016.

980 data breaches occurred in 2016. That left approximately 35,233,317 known records exposed. Over the years, data breaches have become more sophisticated, and cybercriminals target both large corporations and small businesses.

2016 saw a string of data breaches that left sensitive information of millions of people at the mercy of cybercriminals. In addition to financial consequences, these data breaches ruined customer trust and the reputation of the companies in question.

As we look back at 2016, here are some of the most impactful data breaches that shook the world.

A Yahoo eMail Hack Victim

Nearly every day, we read scary stuff regarding the Yahoo email hack last December. In these pages, we try to be careful about “crying wolf” and being overly sensational. However, this story resonates because it could happen to any of us and involves a friend.

Last Friday, a business owner and friend of mine in another part of the US in a non-technology business told me a tale of how an innocuous mistake has spun out of control and is threatening the existence of his business.

The mistake was simple – one that many of us could make even though there are plenty of warnings out there. Last Monday, his company sold a multi-thousand dollar item to an individual in Minnesota. Payment had been arranged to be made via wire-transfer. My friend emailed the buyer the wiring instructions including the bank, routing, and account numbers.

Don't Let the Grinch Steal Your Identity

'Tis the season. Lots of online shopping. Lots of in-person shopping. Lots of travel. All opportunities to have your identity stolen. Here are some basic tips to hang on to your identity so the bills you receive in January are for the items you actually purchased!

The holiday season is a time of merriment for one and all. That includes scammers, fraudsters, and thieves too. It’s the best time of the year for them to do their worst.

More people will be shopping, partying, traveling, and generally letting their guard down. This gives these criminals an avenue to unleash the Grinch in them.

As the years roll by, holiday-related crimes have evolved. Petty thieves who were once satisfied with pickpocketing or stealing a carelessly placed shopping bag have grown into more complex identity thieves. The few dollars in your wallet have little or no value to these criminals. However, your driver’s license, SSN, debit cards, and credit cards have far more value than you can imagine. The underground economy is a thriving playground for identity thieves.

How to Respond to a Data Breach

These days, data breaches seem to be daily occurrences. Most of the time, we may be learning that the breach happened to someone else and the end users are being notified to act accordingly. But what if it happens to your firm or organization? This FTC article discusses the first steps to take and has links to additional information. Contact us as well. We can help.

You suspect that your business experienced a data breach. Maybe an employee lost a laptop, or a hacker got into your customer database, or information was inadvertently posted on your website. Whatever happened, you’re probably wondering what to do next. 

The FTC’s new Data Breach Response: A Guide for Business outlines the steps to take and whom to contact. Here’s a glimpse of what’s inside.

You’ll need to move quickly to secure your systems. Some immediate steps include:

  • Secure physical areas potentially related to the breach. Lock them and change codes, if needed.
  • Stop additional data loss. Take all affected equipment offline right away, but be careful not to destroy evidence. Monitor all access points to your system. If a hacker stole credentials, you’ll need to change those credentials too, even if you’ve removed the hacker’s tools.
  • Remove improperly posted information from the web. After you clean up your site, conduct a search to make sure other sites haven’t posted the information. If they have, ask them to remove it.

    [More]

Previous Entries / More Entries