While email scams are nothing new, lately we have been noticing a very large and very targeted attack on builders in Australia, both via direct email “phishing” and by targeting users of the realestate.com.au website. Today we are going to take a quick moment to explain how to spot these scams and how to avoid becoming a victim of them!
First of all, what is “phishing”? Well, as the name suggests, this is where the ‘scammer’ is fishing for your details by providing a believable story or by being targeted in their approach. So, for example, the builder (in this case) will receive an email along the lines of this:
From: Penny Contente <p.contente @ aol.com>
Sent: Wednesday, 19 June 2019 11:19 AM
Subject: New Build
We have plans for new build and are after quotes. I will send plans if you’re able to quote.
The above email is how they start out, and it all looks legit so far: the email looks “real”, other than AOL not being overly popular in Australia, but who knows, they could be from overseas, right? So we reply back with a simple “Hey Penny, sure. Please send through the plans.”
From: Penny Contente <p.contente @ aol.com>
Sent: Wednesday, 19 June 2019 11:54 AM
To: <Your Email>
Subject: Re: New Build
Hello <Your Name>,
Thanks for the timely response. I believe all you need to know is detailed in the attached PDF. Please find attached for the building blueprints and see if it fits into your scope of services. Let me know if additional information is needed.
Now this is where the scam comes in. Penny replies with a “Thanks for the timely response” and has “attached” the plans (Approved Drawings and Plan_CS.pdf) for quoting, in PDF. Great, right? Well, no. The PDF looks real, but once you open it there’s a “Click here to download the plans” button or similar. This can take many forms, such as “You need to login to OneDrive” or “Adobe needs permission, please login”, BUT ultimately the PDF our scammer is sending is just a clever way of getting us to click a ‘link’: because most email clients and spam filters will catch the old scammer links, they’ve had to find creative ways to get you to visit them.
Now generally this PDF should set off alarm bells and you can promptly delete it and ignore the scammer, but in this instance we will go ahead and click their link, which then takes us to the ‘bait’ for the phishing. So what we have here is a ‘realistic’ attempt at a login screen. The key giveaways are that the URL is dodgy (no SSL, and some unknown garbage website). From here, no matter what details you enter into the form, they’ll be captured by the scammers to steal your credentials!
Key things to look out for on this page: it’s hosted on a “free” host (sometimes they’re hosted on a hacked site), so it’s not a legit Microsoft login to begin with; it’s a fake website made to look similar. All options simply ask for email and password no matter what you select. This is how they capture your details.
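As an added illustration (not part of the original post), here is a small Python triage script a defender might run over a suspicious PDF attachment before anyone opens it: it pulls out the embedded link targets and flags the giveaways described above, a link that is not HTTPS and a host that is not the real Microsoft login. The sample PDF, the placeholder hostname and the list of legitimate login hosts are constructed assumptions.

```python
import re
import zlib
from urllib.parse import urlparse

# Constructed sample: a minimal uncompressed PDF whose only "content" is a
# link annotation pointing at a plain-http login page on a free host, the
# pattern described above. The hostname is a placeholder, not a real indicator.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] >> endobj
4 0 obj << /Type /Annot /Subtype /Link /Rect [0 0 100 20]
   /A << /S /URI /URI (http://free-host.example/onedrive/login.php) >> >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

URI_RE = re.compile(rb"/URI\s*\(([^)]*)\)")
# Assumption: the lure imitates a Microsoft login, so only these hosts are expected.
LEGIT_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com"}


def extract_uris(pdf_bytes):
    """Return every /URI link target in the PDF, including ones inside
    FlateDecode streams (inflated with zlib). PDF string escapes are ignored."""
    blobs = [pdf_bytes]
    for m in re.finditer(rb"stream\r?\n(.*?)\r?\nendstream", pdf_bytes, re.S):
        try:
            blobs.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # not a compressed stream (or not zlib); raw bytes already scanned
    return [u.decode("latin-1") for blob in blobs for u in URI_RE.findall(blob)]


def triage_uri(uri):
    """List the red flags for one link target: missing HTTPS, a host that is not
    the real login service, and login/unlock wording on such a host."""
    flags = []
    parsed = urlparse(uri)
    if parsed.scheme != "https":
        flags.append("no-https")
    host = (parsed.hostname or "").lower()
    if host and host not in LEGIT_LOGIN_HOSTS:
        flags.append("unexpected-host")
        if re.search(r"login|signin|verify|unlock", uri, re.I):
            flags.append("credential-lure")
    return flags


def triage_pdf(pdf_bytes):
    """Map each link found in the PDF to its red flags (empty list = none)."""
    return {uri: triage_uri(uri) for uri in extract_uris(pdf_bytes)}
```

Any link that comes back with "credential-lure" is exactly the "click here to download the plans" bait this post describes, and the attachment can be quarantined without anyone having to open it.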
ANYTHING you enter will be saved for the scammers to test out later… So, it would really be a shame if we were to enter thousands of fake emails and passwords…
Once they have your email and password, they can hold your email hostage, use it to scam your friends, try those same login details on other sites, or request password resets to your other accounts: Facebook, online banking, whatever nasty intention it may be…
So how can you protect yourself from these scams? Well, it’s hard as they’re always changing their tactics, but here are a few things to remember:
1. Always check the email address. You can simply hover over their email and see if it’s something odd, with misspellings or rubbish and a fake name.
2. Never open unknown attachments. In this example we opened the PDF because it’s a known document format, though even this can be faked, with the scammer trying to trick you into opening a weird file type, so always check!
3. If you see a PDF asking you to login or “unlock” etc., it’s a big red flag and you should delete it.
4. Get a good anti-virus and spam filter!
5. Apply caution when dealing with emails. Even if you know the person, always make sure to check with them if it’s an odd request to do with money or clicking links, no matter what! A quick phone call can save you a lot of pain if a friend has been compromised.
Are your emails overrun with spam and scammers? Do you need help getting your systems secured? Contact Tecoda for a security audit and see how we can help your business!