SPAM. It’s here to stay and you’ll be getting more if it than you can handle thanks to the holiday season.
That’s right. While you’re sipping on peppermint mochas, cyber criminals are hard at work crafting fraudulent imitation emails that look like they’re from reputable companies such as Amazon, UPS, USPS, PayPal, your bank, etc.
They’ll use urgent headlines to scare you into opening and clicking on their links too: “USPS Delivery Failed” “Thanks for your order””We noticed unusual activity in your account.”
These cyber criminals are hoping you open their email so they can steal your money!
Phishing accounts for 90% of data breaches
What will you be doing with all your extra email spam / phishing attacks?
Hopefully you’ll be avoiding them like the plague.
Even better, hopefully you’re using a reputable email filter (such as Proofpoint) that catches spam emails before they make their debut in your inbox.
If you’re not, you need to be extra careful when checking your emails because cyber criminals are crafting emails so carefully, they’re still able to fool tech savvy people!
We’re taking a close look at some popular variations of spam and reminding you not to click on any links, no matter how credible and urgent these emails appear. Also we’re showing you some facts you simply can’t ignore.
Phishing Facts of 2019
- The average financial cost of a data breach is $3.86m (IBM)
- Phishing accounts for 90% of data breaches
- 15% of people successfully phished will be targeted at least one more time within the year
- BEC scams accounted for over $12 billion in losses (FBI)
- Phishing attempts have grown 65% in the last year
- Around 1.5m new phishing sites are created each month (Webroot)
- 76% of businesses reported being a victim of a phishing attack in the last year
- 30% of phishing messages get opened by targeted users (Verizon)
EXAMPLE 1 “USPS Delivery Failed” phishing email
Cybercriminals are posing as the U.S. Postal Service targeting consumers with phishing emails claiming packages are undeliverable. Next, potential victims, click on the fake tracking numbers that can download malicious software to their computers.
This malicious software could possibly include ransomware, which will freeze your computer, making it useless until a large sum of money is paid to the cybercriminal. Another possible malicious software can be spyware, which tracks all your computer activity including stealing your personal and financial information.
Be on the lookout for suspicious looking emails disguised as reputable delivery companies such as FEDEX, USPS, DHL, UPS, etc.
These email may appear to look very authentic, including company logos, fake tracking numbers, or even bar codes.
Subject line example: “USPS Deliver Failed for parcel #59838769273762876″
Dear [EMAIL], hereby we notify you that your delivery tracking #650087 has FAILED to be delivered at the destination address. To claim your package or initiate a new delivery attempt please use the attached document.
Feel free to contact us with any further questions.
Call 1-800-ASK-USPS® (800-275-8777)
M-F – 8:00am-8:30pm ET
Sat – 8:00am-6:00pm ET
Sun/Holidays* – Closed
- Beware of any emails asking you to open an email attachment or click on a link.
- The USPS won’t email residents about parcels. They will only call you or leave a notice.
- Here’s a link to 87 examples of bogus USPS spam emails on the USPS website
EXAMPLE 2 “Fake Amazon Order Confirmation” phishing email
Shopping online? Many cybercriminals are also creating phony online order confirmation emails claiming to be from big retailers like Target, Wal-Mart, Costco, Home Depot, Amazon, etc. They may also include logos from the companies and appear realistic.
You may receive phishing emails disguised as a major retailer with a subject line such as:
- “Thank you for your order”
- “Order Confirmation”
- “Thank you for ordering from [company name]”
- “Order Status”
EXAMPLE 3 “Paypal Unusual Activity” phishing email
Sure, with all the online shopping you’ve been doing, perhaps you used PayPal. However, when hovering over the link, you’ll see it’s not going to PayPal. Don’t click! “Urgent” Emails such as this one rely on you to take immediate action, therefore you’re less likely to take your time and closely examine the email.
Therefore, if you happen to receive a spam message similar to the examples above, it’s strongly recommended that you:
- Do NOT download or open any attached files.
- Do NOT click on any links
- Delete the email immediately.
Our recommendation for email security:
Proofpoint Essentials – The #1 Cloud based email security solution. This Filters your emails in the cloud before they enter your network!
Email threats are constantly evolving. Are your defenses?
Proofpoint Advanced Email Security is a complete solution for email threats and continuity. No other email defense protects you against a broader range of advanced email threats, such as holiday spam mentioned here.
Email Phishing Facts Source: https://retruster.com/blog/2019-phishing-and-email-fraud-statistics.html