
No matter how “bomb-proof” we make your network, you and your employees can still invite a hacker in if you click on a link or open an attachment in an email sent by a cybercriminal. While some spam is obvious (can you say, “Viagra at a discount”?), other messages are cleverly designed to sneak past the filters and trick the recipient into opening the door.

Known as “phishing” emails, these are still the number one way hackers circumvent firewalls, filters and antivirus programs. So it’s critical that you and your employees know how to spot a threatening email.

You should always be on high alert for these four types of email ploys.

The Authority Email. The most common phishing emails are ones impersonating your bank, the IRS or some other authority figure—the assumption being you’ll do whatever they ask because the name evokes a sense of authority.

A good rule of thumb is to avoid any email with these characteristics:

  • You don’t personally know the sender. This includes emails from the IRS, Microsoft or your bank.
  • You are asked to verify your account or else it will be deleted. Remember, any important notification will be sent via old-fashioned snail mail. If it’s important, they can call you.

The Account Verification Email. Any email that asks you to verify your password, bank information or login credentials (or to update your account information) should be ignored. No legitimate vendor sends emails asking for this information; they will simply ask you upon logging in to update or verify your credentials if it is necessary.

The “Please Buy” or “Please Do” Email. A current email scam that is gaining traction (and has been very successful) is the spoofed email—an email that appears to be sent from someone you know but was actually created with a forged sender address. Such emails will ask you to perform a task, such as purchasing gift cards (or some other portable, generally untraceable currency or product) and sending them somewhere.

This scam uses traits of the authority email attack to prompt the victim into complying. In fact, recent attacks have included members of C-suite management in victims’ workplaces. There is usually a reason the victim cannot contact the claimed sender—for example, they’re on a plane, overseas, or in an important meeting and there is a tight deadline.

If you see this, ignore the friendly name and take a close look at the sender’s email address. You’ll probably see that it looks nothing like the address he or she normally uses.
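The check described above can also be automated. The following is an added example, not part of the original article: it compares the friendly name, the actual From address and the Reply-To address of a message. The `KNOWN_SENDERS` directory, the sample messages and the `example.com` / `mail.invalid` addresses are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: people you know, keyed by the friendly name they normally use.
KNOWN_SENDERS = {"pat rivera": "pat.rivera@example.com"}

def sender_warnings(raw_message):
    """Compare the friendly name, From address and Reply-To of one message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    warnings = []

    # 1. Friendly name belongs to someone we know, but the address is not theirs.
    expected = KNOWN_SENDERS.get(" ".join(name.lower().split()))
    if expected and addr != expected:
        warnings.append(f"'{name}' normally writes from {expected}, not {addr}")

    # 2. Friendly name is itself an email address that differs from the real one.
    if "@" in name and name.strip().lower() != addr:
        warnings.append(f"friendly name shows {name} but sender is {addr}")

    # 3. Replies would go to a different domain than the sender's.
    reply = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply and reply.rpartition("@")[2] != addr.rpartition("@")[2]:
        warnings.append(f"replies go to {reply}, not {addr}")
    return warnings

# Constructed sample messages (headers, blank line, body).
SAMPLES = {
    "legit": "From: Pat Rivera <pat.rivera@example.com>\n"
             "Subject: Q3 numbers\n\nSee you Monday.\n",
    "lookalike": "From: Pat Rivera <pat.rivera.office@mail.invalid>\n"
                 "Subject: Urgent request\n\nIn a meeting, need gift cards today.\n",
    "forged_from": "From: Pat Rivera <pat.rivera@example.com>\n"
                   "Reply-To: pat.rivera@mail.invalid\n"
                   "Subject: Urgent request\n\nBoarding a plane, reply by email only.\n",
    "address_as_name": 'From: "pat.rivera@example.com" <billing@mail.invalid>\n'
                       "Subject: Invoice\n\nPlease see the link.\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", sender_warnings(raw) or "no warnings")
```

The `forged_from` sample shows why the From address alone is not enough: the visible address is the real one, and only the Reply-To header reveals where an answer would actually go.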

The Zip File, PDF, Picture or Invoice Attachment, or Web Link. Unless you specifically know the sender and are expecting the attachment, never ever open an attachment. That includes PDFs, zip files, music and video files, and pictures of kids, grandkids or vacations.

You should also beware of anything referencing an unpaid invoice or accounting file. Many hackers use this to get people in accounting departments to open emails. Of course, any file can carry a virus. So it’s better to delete anything remotely questionable than be sorry.

However, don’t forget that an email doesn’t need an attachment to be a threat. An email containing merely a web link to somewhere else is just as dangerous and should be avoided.

What can you do? Combating these attacks is tough as they get more clever (and as their spelling and grammar improve; errors in both are often a hallmark of fraudulent emails). But it’s not impossible. There are some technical solutions that can be employed on your company’s firewall:

  • Geolocation filtering – An email sender’s internet-connected device also sends information about their geographic location. Your firewall can be set to look for this information so it can block emails sent from specific countries or regions.
  • Reputation scoring – Internet service providers assign scores to email senders based on the number of mailings they send, how often their emails hit spam traps, inclusion on blacklists and other factors. The more these things happen, the lower the reputation score for the sender. You can block emails from senders whose score falls below a specified threshold.

You can also adopt a “zero trust” policy in which you assume everything is an attack until proven otherwise. While this is quite effective, it also slows down your response to legitimate emails—and in turn, your day-to-day production.

We recommend taking a multi-tiered approach. Implement the firewall filters and add quality anti-virus software to your computers. Learn to tell the bad emails from the good with just a glance. And when the glance doesn’t work, dig a little deeper without spending so much time that it slows you down. There are learning solutions to help you do just that. A small investment today can save you a lot of time and money later.

Your technology solutions consultants at James Moore keep tabs on the latest email scams and other threats to your technology. Contact us today for a free network security assessment at your organization.