Cybersecurity Knowledgebase

 

You don't need big business tools to keep yourself safe in your emails.

 

A Beginner's Guide to Staying Safe Online

 

Spam and phishing emails are more than just annoying; they're often the first step in a scam designed to steal your money or identity, or to gain access to your accounts. Whether it's a fake PayPal alert or a bogus tech support message, knowing how to spot and stop these threats is essential in this day and age, and not as hard as you might think!

Let's break it down.

 

What is Spam?

Spam emails are unsolicited messages sent in bulk, almost blindly, by 'threat actors': people trying to cause some sort of harm. Most of these spam emails are harmless ads, but some are designed to trick you into clicking links, downloading malware, or giving away personal information.

Common signs of spam:

  • Generic greetings like "Dear Customer"
  • Poor grammar, unusual formatting, or 'poorly cropped' pictures
  • Unsolicited offers or prizes
  • Suspicious attachments or links

 

What is Phishing?

Phishing is a type of scam where the attackers pretend to be someone you may trust, such as PayPal, Microsoft or your bank. They are trying to trick you into revealing sensitive information or giving up your login credentials so they can gain access to your accounts.

Phishing emails often:

  • Claim there's a problem with your account
  • Urge you to click a link or call a number
  • Include fake invoices or security alerts
  • Use logos and branding to look legitimate

 

Common Examples of Scams

The most common phishing scams are the PayPal phishing scams:

  • "Your account has been suspended"
  • "You've received a payment - click to claim"
  • Fake invoices with urgent messages and phone numbers

 

What can you do about these?
Never click on links you're not familiar with. If you're curious about any activity claimed in your account, always go directly to that organization (e.g. go directly to PayPal.com). You can usually forward suspicious emails to the real organization to help it crack down on cybercrime. For example, you can forward PayPal phishing emails to Phishing@PayPal.com.
 

 

Tech Support Scams

Technical support scams are becoming increasingly popular among threat actors and scam organizations. It's unfortunate, but the movie "Beekeeper" gives a mostly accurate depiction of how these scam organizations operate. They're motivated by money and feed off of older individuals who are not as tech-savvy as the younger generations.

These scams can take the form of popups caused by navigating to a website and accepting the wrong cookies, or of an email claiming that your purchase of a piece of software was successful or failed. The main objective in any of these is to get you to call their tech support, where they will then request remote access to your computer. Below is a picture of a generic tech support scam email, where they create urgency and fear and present themselves as the way to resolve a potential crisis.

                                                                        

 

How can you protect yourself?


 

 

Key Takeaways

Phishing and scam emails don't only apply to businesses; everyone is a target to people who have no moral values. As common as they are, they are highly preventable. Always verify a message before you click a link contained in it or share any information with the sender. Use built-in email tools like Gmail's "Report phishing" button to report and block the sender.

 

As a bonus tip, remember the email from PayPal we saw earlier. If we look at the sender address, it should say someone@paypal.com. It doesn't: as we can see below, it comes from a Gmail address.
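
The sender check from the bonus tip can be automated. The following is an added example, not part of the original guide: it flags a From header that uses a brand name in the display name or domain while the address is not on that brand's real domain. The `BRAND_DOMAINS` table, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumed mapping of brand names to the domains they really send from
# (illustrative only; extend it for the organizations you deal with).
BRAND_DOMAINS = {
    "paypal": {"paypal.com"},
    "microsoft": {"microsoft.com"},
}


def sender_domain(from_header):
    """Return the lower-cased domain of the address in a From header."""
    _display, address = parseaddr(from_header)
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].lower().rstrip(".")


def domain_matches(domain, trusted):
    """True if domain is a trusted domain or a subdomain of one."""
    return any(domain == t or domain.endswith("." + t) for t in trusted)


def check_sender(from_header):
    """Return warnings for senders that use a brand name off its domain."""
    display, _address = parseaddr(from_header)
    domain = sender_domain(from_header)
    if not domain:
        return ["no parsable sender address"]
    warnings = []
    for brand, trusted in BRAND_DOMAINS.items():
        # The brand can be claimed in the display name or inside a
        # lookalike domain such as paypal.com.something.example.
        claims_brand = brand in display.lower() or brand in domain
        if claims_brand and not domain_matches(domain, trusted):
            warnings.append(f"claims {brand} but sent from {domain}")
    return warnings


# Constructed sample headers, not taken from real messages.
SAMPLES = [
    "PayPal Service <service@paypal.com>",
    "PayPal Billing <billing.team.example@gmail.com>",
    "Support <alerts@paypal.com.account-check.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "no mismatch found")
```

A mismatch is a strong warning sign, but a matching domain does not prove a message is genuine, because the From header itself can be forged.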