Are scammers getting smarter or are we too busy to see beyond their intentions?
It is 2020 and you are well aware of phishing scams. You know you shouldn’t reply to those emails from someone claiming to be your distant wealthy relative needing to send you millions of dollars out of the blue. But what happens when you receive an email that has a legitimate sender, but the content is suspicious? Or what if your account on Apple or Netflix has been “hacked” and you are asked to simple «click here» to fix the issue? Will you trust them over your newfound wealthy uncle?
Phishing scammers are using our everyday activities and curiosity against us. In April this year, Google announced that they were blocking 18 million scam emails every day related to COVID-19. Additionally, we have also seen a compelling increase of phishing attacks as presented by the “2020 Phishing Attack Landscape Report” by GreatHorn where over 300 cybersecurity professionals provided their experiences throughout the COVID-19 pandemic. Criminals are taking advantage of the situation and with it, they are passing almost undetected as we are focused on balancing life and work when home offices and digital meetings are the new normal.
Some examples of these clever phishing scams include hiding malicious links in Google files, where the sender is actually coming from Google’s servers:
Or a text message that coincides with, for example, an expected package:
Although our days are hectic and we receive invitations to join digital meetings throughout the day, we might want to start looking at links a little closer. Ask yourself:
Is this really what I am expecting?
Would a company send me a reminder through Google Slides? Is my postal office really sending me a text message from Samoa? If the answer to each of those questions is nowhere near YES, then submit those emails to your IT department, and while you are at it, check the information shared by the Norwegian Center for Information Security (NorSIS: Norsk senter for informasjonssikring) on their website and at Nettvett[.]no.