Dissecting a spam email

There are in excess of 100 billion spam email messages sent every day. Even with the best email filters, some of it is bound to end up in your inbox. If you are a fan of us on Facebook, you may have noticed Peg has been doing a bang up job of keeping our fans up-to-date on some email phishing and scam attempts as well as a domain renewal scam.  If you haven’t seen the Facebook posts (and there is a good chance you haven’t since Facebook only delivers posts to about 11% of a fan base), I’ve provided a recap on one of them below.

The “Your Mailbox is Almost Full” email – Ever received an email from “IT Support” that states your email account is over limit? In the email image below, I’ve pointed out three places to look for to see if this email is legitimate or not.

First, I look to the “to field”. My name and email address are not in the to field. In fact, no email address is listed in the to field. This leads me to believe that I was BCC (blind carbon copied) on the email along with many others.

Second, I look to the from name and email address. The email address is not one that I recognize. The URL is not known to me and neither is the person’s name. I also happen to know that we don’t contract with a company called ICT, so there is really no reason they would be sending me a support email.

And third, when I hover over the link in the email (Clean-up system) I see the URL is questionable and built on a free site that was likely put up just for this scam. Now, I didn’t click on the link, so I don’t know what is on that site, however, I can guess at what I would find. It would likely ask for my username and password at which time they would have all the info they need to hack into my email account. If you’ve heard of Panama Papers, you’re well aware of the damage that a hacked email account can do.

So what should you do when you get an email like this? Delete it. If you aren’t sure whether it is legitimate or not, forward it (or a screen shot of it) to your actual IT person to have them verify the contents of the email.

email1 security

Check out our Facebook Page to view other spam emails that we received this week. Spammers and scammers rely on the consumer’s naiveté to successfully infect and take over a computer, phone or server. They typically use fear based tactics (“oh no! I can’t send or receive email!” in this case) to get the consumer to respond without analyzing the actual email first. Arming yourself and your staff with the ability to spot spam will help keep your business running strong.

If you have questions or are interested in testing your staff’s security knowledge, contact us today!

About the Author Patrice w/ ProFusion

follow me on: