A more targeted form of phishing is known as ‘spear-phishing’. Rather than emailing many people at once, these emails are more targeted and are usually only sent to one person, and made to look like it’s from someone you know, and that the topic is relevant to you.

Spear-phishing is used to target employees by impersonating senior executives asking for funds transfers. This is also known as ‘wire fraud’.

They usually ask the target to make a wire funds transfer for them- or confidential information (eg tax details). By making the email appear to come from a very senior person, they are hoping you’ll action it quickly without verifying the request.

In recent weeks through our Helpdesk we have seen a huge increase in very personalised emails for smaller amounts of money targeting small companies. 

Many businesses have lost large amounts of money due to spear-phishing- eg Irish airline, Ryanair, lost $5 million to this type of scam.

Raising awareness of these scam emails with employees (especially Personal Assistants or payment authorisers) is important to reduce this risk. If you receive a request like this, simply call the person (on a known number) to confirm they requested the transfer.

Now after 30 years in the ICT Industry SPAM has a whole different meaning and is certainly not as appetising as it used to be.

Spam email is a form of commercial advertising which is economically viable because email is a very cost-effective medium for the sender. If just a fraction of the recipients of a spam message purchase the advertised product, the spammers are making money and the spam problem is perpetuated.

Spammers harvest recipient addresses from publicly accessible sources, use programs to collect addresses on the web, and simply use dictionaries to make automated guesses at common usernames at a given domain.

At the present more than 95% of email messages sent worldwide is believed to be spam, making spam fighting tools increasingly important to all users of email.

Did you know that good / clean emails are referred to as HAM.. 

Spam and viruses

Spam is increasingly sent from computers infected by computer viruses. Virus-makers and spammers are combining their efforts to compromise innocent computer users’ systems and converting them into spam-sending “drones” or “zombies”. These malicious programs spread rapidly and generate massive amounts of spam pretending to be sent from legitimate addresses.

It’s important for all computer owners to install and maintain anti-virus software to avoid having their computer infected and possibly become a source of spam without their knowing.

Effects of spam

Aside from the amount of junk arriving in the Inboxes of millions of innocent email users every day, spam can have a more indirect and serious effect on email services and their users.

Hijacking of real users’ addresses or email accounts is also common. Typically these messages will have the From field showing something like “Australian ATO Collections” info@hotmail.com and it is very important to check that the email address has some relationship to the identity the email is coming from.

Several email users have been affected by falsified messages claiming to be from the service’s administrators, stating that users’ account are closed and require some action by the user to be reopened. Such messages often contain viruses and should be ignored or deleted.

When hijackers succeed in sending spam via an email services, it can be temporarily blocked by other services and private domains who try to protect themselves. Providers such as Arafura Connect do everything we can to prevent this, but it’s important that email users protect their own account with strong passwords to prevent their account being hijacked.

Phishing

An increasingly common phenomenon is “phishing”, where messages appearing to be sent from e.g. legitimate financial institutions attempt to trick recipients into “verifying” sensitive data (such as credit card information) on fraudulent web sites.

Legitimate services will rarely (if ever) send messages requesting you to click a link and provide personal or sensitive information. Be sure to verify the source of the message before complying with such a request.

Check out our article here for more details on the embedded content.

http://www.itblog.com.au/articles/11/1/False-Emails---How-To-Check/Page1.html

The easy ones have poor grammar, spelling mistakes or poor translation from the country of origin, we refer to them affectionately as "Chinglish" mistakes.

Some are pretty good, and if you are not sure then how do you check.....

The example below from Suncorp looks pretty good with no obvious errors, the next thing to do is move your mouse over the places where the email wants you to go, the links.

In this case you can see the page that you are being re-directed to has no relationship to Suncorp, this is a dead giveaway that the email is fake and you are being re-directed to a site that has been hacked.