CYBERSECURITY CORNER Preventing Attack, Email Spoofing and Robocalls Imagine that it is an ordinary day and you have been working on your typical duties, when suddenly, you receive an urgent email from your supervisor asking you to send them a classified document. In compliance, you send over the document quickly and efficiently. The sender of the email, unbeknownst to you, however, is not actually your supervisor at all, but instead an imposter whose goal is to steal private information from your organization. With the document in hand the cybercriminal has what they need, and you have, unfortunately, been the victim of email spoofing. So where did you go wrong and how can you prevent this from occurring in the future? WHAT IS SPOOFING: According to the FBI’s official website, “Spoofing is when someone disguises an email address, sender name, phone number or website URL, often by changing just one letter, symbol or number, to convince you that you are interacting with a trusted source.” HOW DO I RECOGNIZE A SPOOFED EMAIL? One of the easiest ways to identify a spoofed email address is to closely inspect the “From” line before replying. Cybercriminals often create email addresses that look very similar to your organization’s email addresses; however, if you look closely, you will notice that one or two letters may be off or misplaced. For instance, the email may present itself like the below example:
From: John.Doe@my0rganizaton.com At first glance, this may appear to be a legitimate email address, but if you look closely, you will notice that the “o” in “organization” has been replaced with a zero. A single character change from the letter “o” to the number “0” is all that it takes to trick an email recipient into trusting the sender. Cybercriminals often use similar tricks to gain your trust and convince you that you are speaking with someone within your organization, so pay close attention. Aside from the email address, there are other ways to recognize a spoofed email. Other common red flags are: • • • • • •
Urgency – The email pressures you to act quickly or else something bad will happen. Opportunity – The email contains an offer that is simply too good to be true. Links – The email contains unexpected links which are usually malware in disguise. Unexpectancy – The email arrives to you out of the blue. Time – The email is sent at an unusual hour, like 2am. Requests – The email asks you to do a favor for someone because they are away and will be unable to respond.
If you receive a suspicious request always verbally verify with the perceived source that these emails are legitimate before you act. WHAT DO I DO IF I RECEIVE A SPOOFED EMAIL? If you believe that you have received a spoofed email through your Microsoft Outlook account, you may report the email to the OCIT Enterprise Privacy and Cybersecurity Team by clicking on the “Phish Alert Report” button on your Outlook Task Bar. Reporting a suspicious email will alert the appropriate personnel and can even help prevent others from being affected by the same spoofing attempt. If you suspect it, report it. ROBOCALLING: Another common method criminals use to gain your trust is called “robocalling”. A robocall is a call that is automatically dialed out by a computerized auto-dialer. When the call is answered by an unsuspecting receiver, a prerecorded message begins to play. On occasion, robocalls will use sophisticated voice recognition technology to determine what the human speaker is saying and respond back accordingly. These calls are often simply a nuisance, as telemarkers, politicians and disaster alert systems use them, but sometimes these calls can be used to scam unsuspecting victims.
26
Co unty Co n n e c t i on
