In our December blog, we looked at the basics of why you and your customers need email security and the benefits of having a managed email security solution in place. In this blog, I’m going to highlight some of the current email security threats that have been detected as part of our efforts to help prevent these from reaching your inboxes.
Phishing and spear phishing remain popular attacks due to the fact that users still find them difficult to recognize. Cybercriminals are becoming more accomplished every year, running their operations like businesses. They are starting to act like true email marketers, personalizing their messages carefully, which results in their phishing emails looking very real to users. With the influx of emails, messages, and information in fast-paced working environments, it’s easy to fall into the trap by clicking on a bad link or responding to a phishing email by accident.
Cybercriminals do their homework thoroughly, investigating their target organization and digging deep to find as much information as possible so they can carefully craft personal messages using their targets’ names, job titles, direct reports, etc. Social media platforms are making their “job” even easier, giving them access to plenty of personal information to help them craft their messages.
PayPal phishing is a popular form of impersonation attack. These emails request users to take certain actions, such as sending over sensitive information like passwords, bank account details, or credit card details. In some cases, users are asked to confirm or maintain their accounts by clicking on links. This action takes them to a fake website where their information can be collected and used. PayPal is warning users against these attacks, urging them to be vigilant and not log into sites other than the actual PayPal website, where they are required to login securely.
Another trend is account scams, where users get unsolicited emails connected to their personal accounts. A Netflix account scam is currently doing the rounds. The latest scam notifies users that their accounts have been placed on hold due billing issues and requests that they update their payment information by clicking on a link—this has been covered in various news channels, including NBC15 news and ABC13.
Finally, cryptocurrency scams continue to grow. We’ve seen many Bitcoin scams where emails contain links that take users to sites that look almost identical to the genuine crypto exchange sites. Once personal account details are entered on these fake sites, cybercriminals have access to the data and can log in to users’ accounts to steal funds. Bitcoin’s rise in prices over the past year has sparked interest among investors, leading to a major increase in opportunities for cybercriminals.
Defending against cyberattacks over email remains challenging for small-to-medium businesses. SolarWinds® Mail Assure helps prevent phishing attacks with its Intelligent Protection & Filtering Engine, which incorporates data derived from 1.8 million domains. This collective intelligence helps protect against known and emerging threats.
Help keep networks safe from email-borne attacks—try SolarWinds Mail Assure free for 30 days.
Mia Thompson is product marketing manager, Mail Assure, at SolarWinds MSP.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP Canada ULC, SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.