A few months back, we shared a story about receiving a fake Amazon.com shipping confirmation email. You can find that column here but the short story version of this was that it was a pretty legit-looking email. However, with a little scrutiny, it turned out to be obviously fake.
We don’t see this kind of fraudulent email stopping, apparently because it works well enough for the bad guys to keep using it as a method both to spread malware, and to steal personal, credential and financial information.
In the past couple weeks, we’ve received bogus eFax and Dropbox notices, account quota and cancellation notices from “Microsoft” (also bogus), and another Amazon notice, this one requesting an update to seller account information. These are potentially especially dangerous, since I DO (and many of you do) have accounts with all those companies and I DO (and many of you do) get regular notices from all of them.
So, at the risk of repeating the same old advice, here it is, again, anyway…
It has become even more important to be wary about emails with links -- and those that ask you to share personal and/or financial info. They’re not all fraudulent, but a good number are – and it’s getting more difficult to tell the difference.
The best TECHNICAL defense against this junk is a firewall with perimeter protections from viruses, spam, and traffic to/from “disreputable” sites and locations. And while it’s no substitute for the technical solution, the best overall defense may be a personal awareness of the potential threat and a skeptical eye toward anything that seems just a bit ‘off’.
