Email is both an excellent communication tool. Also, a way that companies can inform you about their latest products and services. However, email is frequently used to deliver unwanted material which is at best, irritating and at worst, malicious – causing considerable harm to your computer and yourself. Today we have known how to protect from spam email in our Email Box.
The Once Information Security Team has recently identified a new Social Engineering scam email campaign targeting some users. Fortunately, the attack is still in its early stages and we believe we can stop it by the flowing this step.
How to protect from spam email :
A Social Engineering attack involves building trust with a potential victim and asking for favors by abusing that trust. Attackers use techniques such as random lottery wins, expensive gifts, etc. to attract unsuspecting users.
We want to share the following tips on identifying a potential Social Engineering scam email and protect yourself from scammers.
Look for fantastic rewards from people that you had never heard before or got to know very recently.
- Unexpected lottery wins – claiming that you’ve won a prize from a lottery that you never purchased
- Expensive gifts – require you to submit a small amount of money compared to the value of the facility so that they could ship it to you
- Seek help to inherit property from a deceased rich relative and share a percentage – request you to provide small financial support to proceed with the case
- Promising huge profits from small or bizarre investments
Written in a way that induces sympathy or panic and asking for help
- Stranded in an airport – money, and ticket was stolen
- Initiative to save a rare species from extinction and asking for financial support
Sounds authoritative and official
- Claiming that you have violated a specific law (probably made up) and asking for a compensation/fine
- Informing you that a package intended to you (one that you are not expecting) require you to pay a fee to free and receive the goods
If you suspect that you might have received a Social Engineering spam email;
- Do not provide username and password, mainly if a link provides to verify your accounts or change passwords (Your IT team never asks to reset your password via a link)
- Try not to give any personal details (full name / NIC number/mobile number/home or office address)
- Should not provide information about your colleagues or superiors or any others (mobile number/email address/home or office address )
How to mitigate (avoid) threats:
- Open only standard documents like .pdf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pps , .ppsx from trusted sources.
- We allow, or you are required to change your password only on your computer by pressing Ctrl + Alt + Delete unless your IT admin does it.
- Always make sure of the sender’s email address, e.g., firstname.lastname@example.org but not email@example.com.
- Always get official IT assistance if doubtful.