Post info:

Social Engineering {Tricking}

There has been an up-tick in social engineering with emails around the area again. I personally received one this morning from UPS. Take a look at the screen shot below.

The same techniques are still applicable in spotting a phishing email. The From is from a different address than what I would expect from UPS. The second red flag is the “Get your invoice here.” The Here is hyperlinked and will send me to a different site. Please DO NOT click the link. Hover over the hyperlink to see where it is going to send you. This was also a bad address.

This is a fairly broad attempt on phishing. However, almost every member of our team has received some variation of a phishing email this week with more relatable information. In those emails, the Display Name is an individual whom we have communicated in with the past. The from email is bad, but the name is still correct. Their name & title are also correct at the bottom in their altered signature. Inside of the more specific emails, they are trying to get us to click a past due invoice with a link within the email. Majority of the time the email is not very well written. Keep an eye out for phishing emails coming through. Many times they are going to focus on past bills and some sort of repercussion if not handled immediately. Also keep in mind this is tax season. If you ever question if the email is legit, please pick up the phone and call the individual. Don’t use the number in the email, use a different source. (ie. phone book, Google)