The Holiday Season brings out many things in our great society. It brings loved ones closer together, joy to our children and delicious food to bring joy to our taste buds and bellies. It can be stressful at times due to the rapid running around for gifts as well as dealing with year end duties at work. Unfortunately, one of the more ominous things the holiday season brings are the crazies. The crazies are the swirly eyed psychopaths that take advantage of us kind-folk on the holiday season to line their pockets through trickery and deceit.
Those bad boys and girls are waking up every day trying to take advantage of our busy minds during this season. They live in your inbox and spam your phone with incoming calls. My position at Network 1 affords me the unique opportunity to speak with many different types of businesses and organizations. I have seen an increase in social engineering scams that are affecting all types of industries. Below is the most common example of what I have seen, and some advice on how to protect yourself and your business.
Gift Cards
This is a very common social engineering scheme. The details vary from situation to situation, but the heart of the scheme stays the same. You will receive an email from a top executive, managing partner, lead pastor, etc.., and they NEED your help! They are either in the hospital, out of the office, away on personal leave, and they just can’t seem to find the time to buy their niece, nephew or cousin a present. They enlist your help and make a simple request, “can you please go to the store and buy some amazon gift cards, scratch off the back and send me a picture of the code?” You are a good person and want to help. The email came from what appears to be the name of your boss or colleague. Why wouldn’t you help this person?
The “Bad Guys” know this about human nature and take advantage of it. They know we are busy with work and our personal lives and that leaves us open to these kinds of schemes. Below is the most commonly used method these crazy people use and how YOU can beat them:
Email spoofing: Defined as the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source.
This can be accomplished very easily by copy and pasting someone’s email address into a free and easily downloadable spoofing program. There is no regulation on the “From: Header” in the email world. Which means, there is no one checking to see if the message actually came from what the address in the header actually is.
You can verify the sender in every email you receive. Simply open the email and type “Message Options” in the search bar. A pop up will now be on your screen. Look for the bottom text and scroll down till you see “From: email address”. If the address listed there is different than the person you think the message is from, rest easy, it is spam, delete it.
This is an example of an internal email I received this morning. I thought it was my colleague Kevin responding to a request I made. I actually received a response from him, so I immediately became suspicious…. I opened the message and looked at the message options. To my surprise, the reply is actually from Kevin.
Though this method is a great way to see if the email is legitimate, it is not the only way. If you ever get an email requesting information and/or money, always call the sender to verify that it is a legitimate request. Remember, if you reply to the email, the spammer might be on the other end responding that it is legitimate.
Sorry to be a downer, but this stuff is important. Stay safe and have a great holiday season.
Tony Coughlin
With multiple years of experience in customer service across many industries, Tony brings his upbeat and positive attitude to the Network 1 team. He is committed to delivering the right solutions and services for clients and business partners.
tcoughlin@network1consulting.com or 404.997.7655
Network 1 Consulting is a 20-year-old IT Support company in Atlanta, GA. We become – or augment – the IT department for law firms and medical practices. Our IT experts can fix computers – but what our clients value most are the industry-specific best practices we bring to their firms. This is especially important with technology, along with regulations and cyber threats, changing so rapidly. We take a proactive approach to helping our clients use technology to gain and keep their competitive advantage.
