As the New Year kicks off, we are being hit with (as the title suggests) a slew of new phishing threats. Netflix, Apple and Office 365 users may be wondering exactly why these services have been sending them emails requesting password resets or updated credit card info. As it turns out, these are three big names being used to target unsuspecting account holders in a new round of phishing schemes.
These new phishing attacks follow the “normal” pattern of attacks. Hackers cast a wide net to various email accounts across the Internet under the guise of being legitimate emails from services that users are familiar with. The emails seem innocent enough - something along the lines of “the credit card we have on file has expired, please click this link to update it” or “for security reasons your password needs to be reset - please use this link and secure your account as soon as possible.”
Unfortunately, as we all know, with phishing schemes, these links don’t take you to the real Netflix or Office 365 login page, but a spoofed page where innocent account holders are tricked into providing hackers with personal identifying information, credit card information and passwords.
It can be difficult to tell if an email is coming from a phishing attack or if it’s legitimate. After all, if your credit card information is out of date, you may actually get an email about it and you’ll definitely want to update it as soon as you can so that you don’t run into any issues with your service being cut off.
So, what can you do to protect yourself from falling victim to these new phishing threats? We’ll tell you.
First things first - don’t click on suspicious links. In fact, avoid clicking on all links, even if they don’t look suspicious. The general, overarching rule of website security is that a company will never send you an email asking you to change a password or update billing information by “clicking this link.” They will probably send you an email telling you those things need to happen, but they’ll tell you to “log into your account.” They won’t provide you with a link - just instructions. So, with that said - just go right to the company’s website by typing their URL directly into your web browser and conduct your business (password changes, credit card updates, etc.) from there.
BUT, for the sake of this blog post, let’s say you’re just curious and before you take the trouble of going to the website and changing your password you want to know if it’s even a legitimate email. Here’s what you do. Hover your mouse over the link (again, do not click it!) and see what pops up. If the URL looks a bit off, it’s most likely not coming from a legitimate source. But again - and we cannot stress this enough - don’t click the link anyway. Take the extra step, type the URL into your web browser, and handle it that way. The few extra clicks could save you a lot of time and trouble in the long run.
The success of a phishing attack lies in the hacker’s ability to spoof the email addresses of legitimate companies. However, unless it’s an email actually coming from within that organization, the emails will probably look a bit off. Generally, a legitimate email from a company will be from “____@company.com.” In some cases, they may use a prefix, like “____@email.apple.com” - but in all cases, this will be consistent.
If you’ve been binging true crime podcasts and are feeling a bit detective-y, take a look back through your old emails and see if you’ve ever received an official email - one you were expecting from the Apple App Store after making a purchase, for example - to see if the sender addresses match. If they don’t, it’s probably fake. And - of course - if it looks nothing like an email coming from the company it says it is, it’s definitely fake.
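The two checks described above (does the sender domain match the company’s, and does the link’s real target match what the link text shows) can be automated for a mailbox filter. This is an added example, not code from the original post; the allow-list of legitimate domains and the sample email are constructed for the demo.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message for this demo; not a real phishing email.
SAMPLE_EMAIL = """From: Netflix Billing <billing@netflix-account-update.com>
Subject: Your payment method has expired
Content-Type: text/html

<p>Please <a href="http://203.0.113.9/login">update your card at https://www.netflix.com/account</a>.</p>
"""
# Hypothetical allow-list of domains the brand really sends from; exact match or subdomain counts.
LEGIT_DOMAINS = {"netflix.com", "apple.com", "microsoft.com"}

def domain_is_legit(domain: str) -> bool:
    # company.com and email.company.com pass; company.com.evil.example does not
    d = domain.lower()
    return any(d == legit or d.endswith("." + legit) for legit in LEGIT_DOMAINS)

class _LinkCollector(HTMLParser):
    # Collects (href, visible text) for every <a> in the HTML body
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_email(raw: str) -> dict:
    # The two checks from the post: what the sender domain is, and where each link really points
    msg = message_from_string(raw)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    parser = _LinkCollector()
    parser.feed(msg.get_payload())
    suspicious = []
    for href, text in parser.links:
        target = urlparse(href).hostname or ""
        shown = re.search(r"https?://([^/\s]+)", text)  # a URL written in the visible link text
        if not domain_is_legit(target) or (shown and shown.group(1).lower() != target.lower()):
            suspicious.append((text, href))  # what the reader sees vs. where the click goes
    return {"sender_domain": sender_domain, "sender_ok": domain_is_legit(sender_domain),
            "suspicious_links": suspicious}
```

Running `check_email(SAMPLE_EMAIL)` flags both the lookalike sender domain and the link whose text shows a netflix.com address but whose target is an unrelated host.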
Are you ready to take your organization’s security to the next level? For more information on keeping your organization safe, download our whitepaper Security In Layers.