April 4th, 2014 by admin
We have recently seen a rise in a disturbing phishing scam called email spoofing.
A spoof email is an email that looks as if it came from a trusted friend or acquaintance, but is actually malicious in nature. These emails are particularly nasty because they really look like they are coming from a friend – they may even include an email signature that looks completely legitimate.
However, upon closer examination you will notice that the name and email address do not match. These criminals aren't hacking into email accounts to send emails from a legitimate address, but are spamming with phony emails meant to look like they’re coming from a trusted source. These emails will always ask the reader to open a link using some kind of vague question or command like “have you seen this?” or “please click this link.” DON’T CLICK! Clicking the link is what exposes your computer to a ransomware virus or other malware.
How are these criminals accessing our information?
So what’s behind this email spoofing madness and how are these criminals accessing your email address and your friends’ information?
Very simple – Facebook.
Yep, the social media giant suffered an attack last year that compromised user data, exposing users’ email addresses and information from their Friend Lists. Facebook plugged the hole, issuing this statement:
“Recently, we discovered a single isolated campaign that was using compromised e-mail accounts to gain information scraped from Friend Lists due to a temporary misconfiguration on our site. We have since enhanced our scraping protections to protect against this and other similar attacks and will continue to investigate this case further.”
Of course, the damage had already been done and we are still seeing the effects of it today. Spammers still have access to information scraped previously and are continuing to send these phony emails. And they will continue to do so as long as people fall for them, which is quite regularly.
This can and will happen again
Do not think of this as only one, isolated incident that will never happen again. There are indications this is happening or can happen on other social media sites. Hacking social media is extremely profitable for criminals because it allows them to access peoples’ email addresses and the list of people they communicate with most often. This is extremely valuable information if you want someone to open a malicious email.
The Facebook data breach information will be used by hackers for years. This is particularly scary because one’s email address and friends rarely change while the sophistication of attacks improves.
Be on your guard!
If you receive an email from a friend or acquaintance but something seems fishy, it most definitely is. Vague or strange questions and an unknown link should all tip you off that it is a phishing email. However, as these attacks increase in sophistication these tip offs may not be so obvious. Hackers will hone their messaging to make an email look as legitimate as humanly possible. A good bet is to always scrutinize the "Reply to" email address. If it doesn't match the sender’s name, delete the email immediately.
Be vigilant, and as always, please contact us here at MPA if you have any questions regarding this issue.
Posted in: Cyber and Data Security