We’ve all been there, working away when you see the familiar email icon pop up.
But this time it’s different, the subject line reads ‘REQUEST FOR ASSISTANCE – STRICTLY CONFIDENTIAL’, you open it up trembling with excitement and trepidation. Am I the chosen one?
The short answer is no. What you are is the recipient of a phishing email from someone offering you endless riches for a ‘small’ leap of faith. Often that leap will see you land face first into a steaming pile of….
The latest scam to hit our inboxes is from a galaxy, not too far away, Salut 8T to be specific. If you’ve never heard of Salut 8T, that’s because it’s a super-secret Soviet military space station that is so super-secret the Russian Government doesn’t even know it’s there, or do they?
Anyway, this email is from the cousin of a Nigerian astronaut – if you think that no Nigerian has ever gone into space, you’re clearly wrong – who informs you that his cousin, Air Force Major Abacha Tunde, has been stranded in space since the late ‘80s due to overbooking (United Airlines, take note) and due to situations outside his control, namely the dissolving of the Soviet Union, he is stuck.
Luckily for all involved, his cousin Dr. Bakare Tunde, has been in contact with his family member in the outer regions of space, presumably using the tin can and string method, and is finally in a position to try and help him…28 years later. It also helps that the Soviet Union failed to cancel their payroll during the dissolution, meaning the good astronaut is now $15m dollars richer – don’t worry about why the Russians paid in dollars – and is ready to spend some of that hard earned cash.
All the family need is $3million to begin the rescue process….there goes that rainy-day fund.
While it’s easy to laugh at this type of phishing email, not all are as obvious as the Nigerian prince/astronaut/zoo keeper.
Some of them are often scarily authentic and only become apparent after the damage is done. So, what can your business do to protect itself? Antivirus organisation, Norton, suggest these seven tips.
- Be wary of emails asking for confidential information – especially information of a financial nature. Legitimate organisations will never request sensitive information via email, and most banks in the UK will tell you that they won’t ask for your information unless you’re the one contacting them.
- Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalised, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with “Dear Sir/Madam”, and some come from a bank with which you don’t even have an account.
- Never submit confidential information via forms embedded within email messages. Senders are often able to track all information entered.
- Never use links in an email to connect to a website unless you are absolutely sure they are authentic. Instead, open a new browser window and type the URL directly into the address bar. Often a phishing website will look identical to the original – look at the address bar to make sure that this is the case.
- Make sure you maintain effective software to combat phishing. Norton™ Internet Security automatically detects and blocks fake websites. It also authenticates major banking and shopping sites.
As a business, the information you hold on your servers, from client data to employee financial records, will be extremely sensitive. If you suspect an email you have received is suspicious please report it immediately to http://www.actionfraud.police.uk/scam-emails.