In 2014, the volume of SPAM went up 250%.
More and more cyber criminals have shifted their focus in hopes of preying on the weakest link in the security chain: the end users. Instead of seeking to compromise servers and operating systems, they send out phishing scams and spoofs that exploit users at the browser and email level.
When it comes to email security, the best defence is making sure your people are aware of the threats, and know what to look out for.
Here are five tips to help identify SPAM, and stop it from infecting your system:
Always check who the email is from. Most often SPAM will come from an unrecognizable sender, but that isn’t always the case. Recently our security team encountered a spoof email that, once opened, would hijack the users’ email and send out emails to their contacts.
Check the spelling. Scams often contain spelling mistakes or oddly worded sentences.
Read the message. Are you the winner of a contest you never entered? Is there promise of lost inheritance, free electronics, or revolutionary pills? If it sounds too good to be true, chances are it’s SPAM.
Watch out for strange links. The purpose of an email scam is to get you to click a link or download a file. Hover over the link to see its destination. Only click links from trusted senders.
Look for attachments. Malware and viruses are often hiding in attachments. Never download an attachment from a sender you don’t trust. In our most recent run-in, the attachments were called ‘wire transfer receive.zip’ and ‘paymentxxx.zip’.
Should anyone of your team fall victim to a scam and you’re system is infected; McAffee has a free tool that may help. For years they have offered a stinger tool that can detect and remove common viruses. Let’s be clear, it’s not an alternative to more comprehensive security solution, but it’s a good first place to look.