Blog

Spam…cont’d

In my last post I spoke about the history of spam, let’s now have a look at the different types and how you can protect yourself. 

Different types of spam

Spam can vary from marketing spam which is more of a nuisance than harmful, to the serious threat of cyber criminals hacking into your online accounts, stealing data, money and spreading malware. Email spam is usually filtered out through your email provider with only a few trickling through to your main inbox. However, cyber criminals trying to steal your data are harder to combat. 

Let’s go through some of the most popular types of spam;

Phishing emails 

Phishing is one of the simplest forms of cyber attack and also one of the most dangerous. It tricks people into giving up personal and sensitive information such as credit card information and website logins. It does this by ‘email spoofing’ where emails are sent impersonating a legitimate company. These can be highly sophisticated with the real company’s branding and language copied. The emails usually sound urgent and sometimes threatening, with a request for payment, for updated billing information or a request to reset your password for example. Once they have the information they need, the scammers can simply pretend to be us and use the online services we use every day. 

Symantec is one of the world’s leading cybersecurity companies in the world and according to them, upto 85% of all organisations were targeted by phishing scams in 2020. Microsoft accounts are the most popular targets, accounting for nearly half of all phishing attempts at 43%. The pandemic has seen a huge rise in online shopping and this has brought out more scammers who want to get their hands on any password they can, with IKEA and Google ranking highly on the most targeted companies. These spam emails are now impersonating shipping companies and DHL has appeared in most phishing attacks. These emails imitating companies can in turn negatively affect their reputation and therefore ultimately sales. 

Malspam

Malspam, given away by the name, is malware spread by spam. Like the two above, it also relies on some sort of psychological manipulation, called social engineering, to trick people into taking action. This can be simply clicking on a link or opening an attachment in the email. Both of these would result in a malware infecting your computer. This may result in your computer being used as a bot to send out more scam. 

Advance-fee scams 

This is also known as the Nigerian or 419 scam. 419 being the section of the Nigerian criminal code that it violates. Although this type of scam has become infamously linked to Nigeria, only a small percentage of spam actually originates from there, with it ranking 52nd on the list of spam sent by country. 

This scam involves an unknown sender offering a big reward in exchange for an advance cash payment, which is usually disguised as a processing fee. Once you send the money over this sender disappears with your money and there is no big reward after all. Another way this scam is carried out is through making the victims money mules. This is done by using the unsuspecting victim’s bank account to launder and transfer dirty money. People are offered a portion of this money to act as the middleman. However, when the police find out they usually come knocking on the door of said middleman, with the originator getting off scot-free. These scams seem pretty easy to reject, however, people fall for them everyday thanks to the cunning tricks and psychological manipulation by these scammers. 

Mobile phone scams 

This is when you receive a call or text from an automated robot essentially. The texts, like malspam can contain links that will infect your phone. The most popular call spam are pre-recorded messages pretending to be from banks or credit card companies. Sometimes the messages will state that there is an important document waiting for the victim, which will need to be retrieved, of course at a cost. These robocalls and text are illegal, unless they come from a charity, political campaign, healthcare provider or if they are purely informational from a service you use. 

 

How to protect yourself from spam 

The most obvious way, don’t respond to it. Often easier said than done though. With our brains processing so much information these days, our guard is often let down when scrolling through hundreds of emails. There are some simple ways to be better protected though. 

There are often tell-tale signs of phishing emails;

  • The sender’s address may not be correct, with a random domain.
  • If there is an embedded link, hover over it instead of clicking, to see what the URL looks like. It will most likely look a bit weird. If you want to go to the page it is claiming to be then go to it yourself through your browser and not by clicking the link. 
  • They may address you as a customer or friend rather than your actual name. 
  • If there are attachments it is usually suspicious as businesses rarely send out marketing emails with attachments. 
  • Some spam is terribly executed with spelling or grammar mistakes in the email subject or content. This is usually because the content has been passed through Google translate many times.
  • If an email is too good to be true, with the promise of financial reward, I’m afraid it usually is!

In general if an email or message isn’t what you’re used to or it just seems odd to be receiving it from a particular person or company, your best bet is to ignore it. As for links or attachments, don’t be that person that is just ‘curious’ to click on it to see what happens. 

Make sure that your spam filter is on with your email provider and do not enable macros. 

Bot calls should always be hung up on in my opinion, and whatever you do, don’t engage by pressing any buttons or calling a number. Definitely don’t text back any personal information. Messages asking you to update sensitive information are always a no-go, unless you initiated it first. And even then, be careful of how much information you give out. Multi-factor authentication is also good to use as it gives scammers another, much tougher and almost impenetrable barrier to try to break through. Cybersecurity software is also a must-have. There are products for home and business, and even for your phone. 

If you want to know more or need help with anything spam related, get in touch with us!

 

  • Written by Mikita Maru, May 25 2021