11 Feb How to stop dodgy email threats
“Your account is being used by another person”
“Your account has been hacked”
“Caution. Hackers have control of your account”
“Your account has been suspended. Waiting for payment”
These are just a few of the subjects for many emails causing concern for people in recent weeks. Obviously, these sound alarming – but are they something you should be worried about ?
Email is fast becoming one of the most dangerous ways a hacker can infiltrate your organisation. Whether it’s by attachments pretending to be harmless PDF documents or phishing type emails containing web links that send you to a website asking you to login with your Microsoft details. The former can encrypt all of your data and hold you to ransom whilst the latter tricks you into giving your Office 365 password so the hackers can take control of your mailbox and the data within it.
Over the past few weeks and months we’ve noticed a significant rise in a different type of ransomware email.
There are several variations (see the examples at the top), one of the most common has the subject “This account has been hacked! Change your password right now!”
The content of such emails go on to say the hackers have taken over your PC and have tracked you visiting potentially embarrassing websites. They have also taken footage of you through your webcam, so would like to extort lots of money from you.
To make the threat seem more real and make you think they have actually hacked your account (or a colleague’s) the email may supposedly come from your own email account (or a colleagues).
From the examples we’ve seen over the past few weeks the sender addresses have all been ‘spoofed’. This means that the hackers have changed the address so it looks like it has come from someone else when they haven’t. They have covered their tracks so to speak. Therefore if you do receive emails like this they can usually be ignored and deleted.
That is not to say all emails like this are harmless. Therefore if you are unsure please feel free to contact us so we can look further into the details of the email you have received – or the metadata. This will give us extra information about where it came from. We can also analyse the email logs on the server to see if the email was actually sent from your own email system.
So what can we do about these emails? Can they be blocked?
These days, most email systems (such as Office 365) have their own built-in spam filters. Ordinarily these will block most malicious and spam emails and put them in your Junk folder – allowing you to safely review. However, a new type of malicious email comes along and the spam filters will have to ‘learn’ about the new characteristics and traits of these new types. The spam filters do have quite a job on their hands, as spam emails change their characteristics very frequently – to avoid being detected by spam filters!
So it is strongly advisable to have an additional layer of protection with an Anti-Spam email filter service. These sit between your email system (eg Office 365) and the internet, and they scan all inbound (and outbound emails). Any emails blocked are sent to you in a safe ‘digest’ on a daily basis, allowing you to review any which really should have made it through. The software also allows you
When you consider the damage these malicious emails can cause, having this added layer of protection will soon feel like money well spent – especially at just £1.50 per mailbox per month.
If malicious emails and spam are a big problem for you and your business and you’d like more information about blocking them please call us on 0121 663 0203 – we’d be happy to help, and to advise on the best protection for your business.