Wednesday, May 1, 2013

Re: Check out these Documents!!!

<Caution: A bit geeky. - You have been warned.>

Recently, at work, a number of employees and friends of employees have had their email accounts compromised and send out fraudulent emails on their behalf. 

Once a user receives said fraudulent email, he is often fooled into thinking that the email is real, and blindly follows the directions. The email requests the user to click a link and enter their email passwords so they can see an important Google Document. The link opens a page that is designed to look like a Google sign-in page; however, in truth, it is not. Once you enter your username and password, the spammer has your account credentials. He then sends the same fraudulent email to all your contacts, asking them to click on the link. If and when they do, the cycle continues.

The variant of spam being used here is called phishing. Phishing is typically carried out by email spoofing and often directs users to enter details at a fake website, the look and feel of which are almost identical to the legitimate one.

People generally don't think about clicking on links in emails that were sent from an email address they know and trust. However, you should always be suspicious, if not paranoid, that an email is not legitimate.

I sent out an email to all the staff explaining to people what was going on and how to avoid falling into this.

Below are 12 things that may have tipped one off that this email wasn't real.

Click the image to enlarge.

1 - The subject starts with Re:. Re stands for regarding and almost always is in response to an email you sent them.

2 - Very generic subject not referring to anything. Usually the sender will include information in the subject as to what the email is about rather than the actions you must take.

3 - Three exclamation marks makes it look like this was written by a 13-year-old girl rather than a work email in a professional setting.

4 - This email wasn't sent to you specifically. You were bcc'd and you can't see anyone that it was sent to - a telltale sign that this was a mass email not meant specifically for you.

5 - Many times (as in this case), the email was sent at an odd hour. (Fun fact: It's easier for spammers to send emails at night than it is during the day.) In this case in particular, it was sent after 10:00 pm on a Friday night from an Orthodox Jew.

6 - The email didn't address you (or anyone) by name. This is very coarse way of sending emails, and not usually done by people who know you.

7 - Other than the fact that this is not the way most people would write this sentence, it doesn't indicate the topic of the document at all. (This sentence in a legitimate email is more likely to read: "I created a document regarding next year's lesson plans using Google docs.")

8 - Emails linking you to Google Docs are generally sent from Google Docs itself, or will show a Google Docs icon. While someone can link to the document themselves, it's not at all common.

9 - Hovering over the link will allow you to see where the link will take you. Looking at the site, you will see that it's clearly not going to a Google sign-in page.

10 - Most people don't include tech instructions in their email - unless it's sent from me :)

11 - Total lack of proper punctuation and spelling (i.e. there should be a period after document, a capital I and an apostrophe in "its"...)

12 - Another vague attempt at making this email sound important for you to quickly open it without actually giving you any details as to what it is.

13 - No signature. Most people will include their name at the bottom of their emails - especially important ones.