Spotting Malicious Emails
At HBP Systems we have recently been sent some hoax emails in our inbox which we wanted to warn as many other businesses about as possible. There have been a variety of emails including remittance emails, invoicing emails and emails from what looks like your bank.
If you are a HBP Systems customer you will have already seen our monthly help sheet on the topic, but please be aware that the threats are changing on a regular basis. If you are concerned about the security on your IT network then please talk to us as soon as possible.
You, and your staff, can be easily tricked into opening hoax emails as they usually look quite legitimate and it can give you a bit of a fright seeing emails that say you owe money, or that money has been taken from your account. This could cause you to open any links that are attached – but you should be highly precautious and check assets such as the email of the sender. For example hover your cursor over the links attached to ensure the text matches and proof read the email for any obvious errors before you even consider opening them.
For example, the image above shows one of the emails that is currently finding its way into our inboxes. This type of email is almost believable – until you look at the senders email address (which you can see doesn’t come from an actual company) and then you may start to have doubts about opening the attachment.
This example shows an off-domain hyperlink. The senders email address shows “clear-it.com”, which seems to be legitimate as the email is from CLEAR Support Team – however as you can see, by hovering over the link, a tooltip shows you the destination URL. In this case, it’s nothing like the domain that sent it. This is a simple check that could save a lot of frustration in the future.
We have also noticed hoax emails from what looks like a bank (e.g. HSBC) saying that our credit/debit care has been deactivated. This may cause a huge panic to people when receiving this email – but again, there is no proof that it is actually HSBC trying to contact you. There is no verification of an address or telephone number – making it untrustworthy. Obviously having your credit/debit card deactivated can cause a huge issue in some peoples’ daily lifestyles, hence why hoax emails are usually in the format of owing or losing some money.
Emails like this can be very misleading, especially as you are instructed to do something. But in such a basic format and having no proof of the company or even an address/telephone number, you should check up on the sender and ring your bank to see if this payment actually went out. Usually no money will have been taken from your account, and if this is the case then you are certain that this email is a hoax and you can then delete the email from your inbox, or better still mark is as Junk/Spam.
If you have received one of these emails, please contact all of your colleagues and ensure that they take no action from any emails that may look similar. If any attached links have been opened you should get in touch with us at Kamarin Computers for support on how to solve the issue.
email@hbp-group.co.uk
01724 400300