Tag Archive for: Inbox

See this one-word subject line in your inbox? It’s a phishing scam red flag

/in


Email scams often contain elaborate details to entice you into clicking a link or opening an attachment. Usually, there is some heartfelt backstory to why you must open that document or a severe threat of what will happen if you don’t.

These are relatively easy to spot as suspicious if they didn’t end up in your email spam folder. But scammers never stick to the same tactics. Malware is constantly developed to circumvent security measures.

Read on to see how a clever new phishing scheme makes it easier to spread malware.

Here’s the backstory

Emotet is a dangerous malware variant that started wreaking global havoc years ago. It was so devastating that international law enforcement agencies worked together to bring it down in early January of 2021.

It seemingly disappeared for good, only to show up again last November. The malware was once described as “the most dangerous malware botnet in existence” as it locks infected devices into a worldwide botnet system controlled by hackers.

But security researchers at Proofpoint discovered how the malware now tricks victims into opening a malicious attachment. Instead of a long-winded introduction or heartfelt plea, the latest tactic is a one-word subject line in the email.

Researchers noted that it simply read “Salary” or Payment” in most cases with an attachment in the email’s body. The one-word subject might entice people to open the email and click the link. But if you do, your device will be infected with malware.

What you can do about it

The best thing you can do to protect yourself against cyberattacks is to be aware of the tactics used by criminals. Now that you know one-word subject emails with only a link in the body are dangerous, don’t click on the link.

Here are more ways to avoid falling victim to phishing attacks and keep your devices malware-free.

  • Be on the lookout for emails with a one-word subject line. It is the signature phishing scheme of Emotet now, and you must avoid clicking the link found in the body of the email.
  • Don’t click on links and…

Source…

How a Burner Identity Protects Your Inbox, Phone, and Cards

/in


Between vaccine appointment notifications, store pickups, online food ordering, and a general increase in online ordering, I feel like I’ve created three times as many online accounts in the past 18 months than I did in all previous years combined.

Handing out any sort of personal information, whether it’s an email address or a phone number, can lead to spam, data breaches, or harassment. More abstractly, it can also enable tracking by data brokers—companies that take identifiable bits of data, including phone numbers, email addresses, and device-specific identifiers (such as a browser fingerprint or device ID that’s linked to a phone or computer) and then aggregate that data into a marketing profile. One way to protect your personal details from both individuals and corporations is to use alternate details, which you can generate through a number of tools. These “burner” identity tools create disposable email addresses, credit card numbers, and phone numbers, all of which can help protect your main accounts while you do just about anything online.

Private email forwarding: SimpleLogin

A screen shot of the Simple Login app dashboard where the user can create and organize multiple alias email addresses.

If you spend a lot of time online, you likely have dozens of accounts spread across the internet, with sites and services ranging from retail stores you’ve shopped at once to random apps that require your email address to use. You’ve probably handed that email address to plumbers, car salespeople, social networks, and countless others who may have gone on to spam your inbox.

Over the years, I’ve taken two approaches to managing the situation: creating a free email address explicitly for shopping (Gmail, Outlook, ProtonMail, and the like all work fine for this purpose) and using email forwarding to obfuscate that address so I can pull the plug if spam starts coming in.

Email-forwarding services—I like SimpleLogin, which generates a nonsense email address, such as [email protected]—forward any emails sent to that address to your real inbox. If an account gets too much spam, you can block it and start over with a new email address from your forwarding service. This approach is great for shopping, where you may need an email receipt for only a few weeks, or company…

Source…

Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! • Graham Cluley

/in


Many thanks to the great folks at Recorded Future, who have sponsored my writing for the past week.

Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the web.

The FREE Cyber Daily email, highlights trending threats selected from the millions of insights sourced by Recorded Future over the past 24 hours.

Which means that you will be able to benefit from a daily update of the following:

  • Top cybersecurity news
  • Top exploited vulnerabilities
  • Top targeted industries
  • Top malware
  • Top threat actors
  • Top suspicious IP addresses

Cybersecurity professionals agree that Recorded Future’s Cyber Daily is an essential tool:

“I look forward to the Cyber Daily update email every morning to start my day. It’s timely and exact, with a quick overview of emerging threats and vulnerabilities.” – Tom Doyle, Chief Information Officer, EBI Consulting.

Sign-up for the Cyber Daily today and use Recorded Future’s threat intelligence to stay ahead of cyberattacks.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Source…

Inbox Attacks: The Miserable Year (2020) That Was – Threatpost

/in



Inbox Attacks: The Miserable Year (2020) That Was  Threatpost

Source…