Why You Need to be an Email Skeptic

By:  |  Category: Blog, Security Wednesday, August 9th, 2017  |  No Comments
email skeptic

You can learn a lot from Facebook. Maybe too much–which is why being an email skeptic these days is a good idea.

A security researcher decided to see how hard it would be to create a targeted phishing attack on a total stranger. He went to Facebook and found a guy he did not know personally and found a wealth of information, including:

  • He visited Tapley’s Pub in Whistler, British Columbia, on Sept. 20.
  • He visited The Brewhouse in Whistler on Sept. 16.
  • The names of at least some of the people he was with on Sept. 13.
  • He visited the 192 Brewing Company on Sept. 12.
  • He visited the Chainline Brewing Company on Sept. 11.
  • He visited American Pacific Mortgage on Sept. 9.
  • He went to a Seattle Seahawks game on Sept. 3.

And based on his Facebook profile, it was clear who he worked for, the city in which he lives, his wife’s name, and lots of other information.

If the security researcher was a bad guy trying to get access to this victim’s corporate login credentials, he could easily create an email with the subject line “Problem with your credit card charge at Tapley’s Pub” — a subject line that would make him open the email given his recent visit there.

Next, in the email, the bad guy could write a short, believable message about a problem in running his credit card and provide a link asking him to verify the charge. That link could be to a site that would automatically download a keystroke logger to his computer, and GAME OVER.

The bad guy can now capture every keystroke of the victim from then on, which would include login credentials and other confidential information.

The moral of this story: do not share all kinds of personal information on social media. This is true from the mail room up to the board room. Shared personal information can come back to you and bite hard.

Think Before You Share.

 

Samantha Keller

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller
Leave a Comment
Read previous post:
Managed Service Provider
Does Your Business Need to Work With a Managed Service Provider?

IT managed service providers deliver the technical expertise small businesses need at a much lower cost than hiring IT staff....

Close