Waiting on a package from somewhere? Be careful, it could be a scam called the “waiting package” scam. How original.
According to the US Federal Trade Commission, “The messages are coming from scammers. In some cases, they’re targeted at college students. In that version, scammers text returning students to say there’s a package waiting for them — sometimes claiming it’s been waiting since last spring, when many students had to go home from campus quickly.” Don’t click that link.
As crazy as it is to believe, spammers would not keep throwing out spam unless they got a return on their investment. So, while it might seem unlikely that someone would fall for the fake pill spam that has been going around forever, somebody must be falling for it or it would have died out a long time ago.
If you don’t know what a “car wrap” is, it’s a company that pays people to drive their car around “wrapped” in a company advertisement for a fee. Seems like pretty easy money. Which is probably why scammers decided to turn it into a scam.
The one thing you could always count on with a phishing page is that something would give it away as a phishing page. After all, it’s not the real page, so there must be something different about it. Protecting yourself from a phishing attack simply came down to being able to identify the clue that gave away the web page as a phishing page. But what if attackers could find a way to phish you with the legitimate page you actually intend to visit? There wouldn’t be any clues giving it away as a fake page because it isn’t. That would be a problem, and unfortunately that problem has become reality.
Beware of photo sharing messages from Google. It’s a scam according to the Better Business Bureau.
From the BBB, “You get an email or text message that appears to come from Google Photo. Someone is sharing an album of photos with you. To view the photos, you just need to click the link. The message looks so real! It may use a convincing URL, which has been created by Google’s goo.gl URL shortened to appear to be an official Google domain name. The catch? There is no photo album. It’s a phishing con.”
We forward business emails all day, every day and never give it another thought. But maybe we should. According to a University of Arkansas law professor, it could violate copyright law.
“In a major article examining the strength of legal arguments to protect private email expression, a University of Arkansas law professor concludes that, based on the historical common law, today’s Federal Copyright Act does not protect someone from copying and distributing another person’s private expression, which means that forwarding email without permission of the sender may be against the law. Going back more than 250 years, the common law recognized that authors of personal correspondence hold absolute property rights in their private expression,” said Ned Snow, assistant professor of law.
Talk about an oldie but a goodie. What would you say if I told you criminals have resorted to one of the oldest scams there is? Stealing checks out of mailboxes. Do people still send checks through mail? Apparently, they do.
From Scamicide, “criminals around the country are stealing mail with checks in them from U.S. Postal Service mailboxes, ‘washing’ the checks to remove the name of the person or company to whom the check was made out and then writing in their own name.” The solution to this of course is simple. Stop sending checks in the mail.
The first wave of pandemic-related phishing attacks targeted vulnerable employees and consumers. There wereattacks that used home delivery services andattacks that used travel-related services. There wereattacks on spoofed resumes andattacks on the SBA’s Office of Disaster Assistance. Now hackers have moved on to the gainfully employed by attacking the virtual private networks (VPN) that remote workers use to connect to the office while working remotely.
Who are the most targeted brands for scams? Microsoft, Apple and Amazon. Today we have a scam to tell you about for all three. First, Outlook.
The interesting thing about this scam, is the tact the scammers took. “Out are the implied threats, the exclamation points (!!!) and the money ($$$) you might lose if you don’t act right now; in are the happy and unexceptionable ‘here’s a problem that you can fix all by yourself without waiting for IT to help you’ messages of a sort that many companies are using these days to reduce support queuing times.” You can catch more flies with honey than vinegar.
Let’s face it, hackers do whatever they can to get you to click on their link. And they have a lot of tools in their toolbox to get you to click. Everything from social engineering to display name spoofing to domain name spoofing. It’s all to get you to do one thing: click the link.
Look here, another Amazon phishing scam, this one courtesy of Scamicide. From the article, “The latest Amazon phishing scam starts with an email that appears to come from Amazon when you do not have any email security service, informing you that your accounts have been locked due to suspicious activity. You are prompted to click on a link to verify your account within 24 hours or risk having your account permanently shut down.”
The US Small Business Administration (SBA) does the important work of supporting small businesses in the US. They provide a lot of resources, but none more important than small business loans. And with the onset of COVID-19, the organization has come up with unprecedented emergency financial relief options for small businesses. And of course, with that much money being made available, it was only a matter of time before hackers tried to get their hands on it.
What’s old is new again. And what is it that’s new again? The venerable old jury duty scam. Apparently, it’s making the rounds again, so be on the lookout.
According to Scamicide, this is how it works. “Generally, the scam starts with a telephone call that you receive purportedly from a law enforcement officer informing you that you have failed to appear for jury duty and that a warrant has been issued for your arrest. You are told, however, that you can avoid arrest and greater fines by purchasing gift cards and then sending photographs of the gift cards to the phony law enforcement officer to prove that they have been purchased. You are then told that you should then mail the gift cards to the local Clerk of Court’s office.” Gift cards? Really?
The latest Threat Intelligence Report is out. Its findings are based on an analysis of 195 billion emails analyzed from January through June 2020. Of that large number, an astonishing 47% were flagged as malicious or spam.
It won’t come as a shock to learn that there were two main themes in the threatening emails this spring. According to HelpNetSecurity, “Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries.” From the report, “One of the most significant observations of this research is that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes never seen before.”
The Simple Mail Transfer Protocol (SMTP) server is a communication protocol or the technology behind email communication. In other words, SMTP is the protocol that allows you to send and receive emails. Every SMTP server has a unique address and needs to be set up in the mail client that you are using. If you are using SMTP host Gmail for example, then the SMTP address is smtp.gmail.com. If you want to find the address of the SMTP server you are currently using, you can easily find it in your email client settings.
After 89 years, the Washington Redskins are losing their team name. But, that’s not the only thing that got lost this week. So, too, did people’s money who tried to purchase the suddenly-hard-to-find merchandise.
According to Scamicide, “the termination of the old name and the refusal of major retailers such as Amazon, Walmart and Target to sell Redskins jerseys, caps and other merchandise carrying the old name and logo has created a demand by many people seeking to purchase the soon to be rare merchandise with the old name and logo. While there are legitimate sellers of these items, scammers have also sprung into action and have set up websites offering the merchandise at bargain prices. Of course, these bargain prices are no bargain because after you order the merchandise online, the merchandise never comes.” Maybe you should wait to buy a new jersey.
It’s 2020, which means it’s time for another Presidential election in the U.S. The big question is, who will win? But an even bigger question is, will we be able to trust the outcome? There are evil forces out there who’d love nothing better than to manipulate the outcome of the election for their own purposes. And what way are they most likely to do that? Through phishing, of course.
SMTP (Simple Mail Transfer Protocol) is a primary communication protocol to transfer emails between servers. An SMTP mail server uses a relay service to communicate with another SMTP server. Mostly, SMTP email servers are ideal for outgoing email updates, newsletters, and website notifications. SMTP relay service is a means to make these frequent email communications much more efficient with a web application, WordPress website, and a custom domain address. Email communication efficiency significantly impacts an organization’s day-to-day functions.
Amazon Prime users beware. There’s a scam out there and it’s direct right at you. According to Tech Radar, “The scammers target victims via an automated telephone call claiming that they have opened an Amazon Prime account and that they should ‘press one’ to cancel the transaction. However, doing so will connect the call to a fraudster posing as an Amazon customer service representative.
If you take an email security awareness training class, you’ll learn a dozen ways to spot phishing email. There are a lot of clues. Maybe the email contains poor spelling or grammar. Or maybe it contains an offer that’s just too good to be true. All of those are giveaways. But there is one clue that’s a more reliable predictor of a phishing email than any other one: the “from” address. If you truly know who the email is from, you’ll know whether or not it’s legitimate.
