LinkedIn Phishing Scam | Malware

New LinkedIn Phishing scam

Receiving a LinkedIn message from a recruiter offering you the job of a lifetime may sound like a dream, but for victims of the new Ducktail malware, it can quickly turn into a nightmare.

Cybercriminals are ramping up their impersonation game, posing as HR talent scouts on LinkedIn to trick professionals into downloading dangerous software. To avoid losing control of your valuable data, you’ll need to be on the lookout for this new scam.

Are you dealing with a recruiter or a cybercriminal?

LinkedIn has become the go-to social network for professionals around the world, with 9 million registered profiles in South Africa. Naturally, recruiters have been keen to use this platform to reach out to suitable job candidates – and some of their overseas offerings can be very attractive.

Receiving a message asking you to consider a lucrative job offer is always exciting. Unfortunately, online bad actors are jumping on the opportunity to defraud and steal data from prospective jobseekers.

A new scam on LinkedIn has seen professionals in several countries in Africa and the Middle East targeted by fake recruiters, losing control of their Facebook business accounts in the process.

  • The first step in the scam is always a LinkedIn message from someone posing as an HR specialist. The contents of the email will usually refer to a great job opportunity – most recently with a fashion brand in a desirable international city.
  • Once a job candidate shows interest by replying to the phishing message, the cybercriminal will usually reply and include a link which looks like it leads to an online application form. In reality, clicking on this link will download the Ducktail malware onto their device.

Victims of Ducktail soon discover that their Facebook business accounts have been hijacked, with customer data including credit card and banking details being prime targets.

Always verify before you share your details

If you receive a recruiting message on a platform like LinkedIn, it’s essential to make sure that the person who sent it is legitimate.

  • Cross-checking the recruiter’s identity on their company website is one way of verifying their identity.
  • For local recruiters, calling them on the number provided on the website – and not the number in the email – is a sure way to find out whether you are speaking to the genuine person or an imposter.

Malware, ransomware, and other types of cybercrime are a major risk for every business and professional.

Keep your data safe with our range of secure cloud storage packages. It’s your virtual insurance policy against cybercriminals.


Combat overconfidence | Phishing Simulations

Protecting your business from phishing is non-negotiable in 2022

One of the best ways to check whether your organisation is prepared for an attack is by simulating one, and like every emergency drill it’s essential that your phishing simulations are realistic and truly test your organisation’s readiness.

In this article we take a look at the components of an effective phishing simulation. Here’s how you can stress test your cybersecurity system and prevent your team from having a false sense of security.

this is not a drill: the importance of a realistic phishing simulation

Picture this: your most honest, well-meaning employee receives an email from a manager in your business – it could even be you – asking them to update details or respond to an urgent matter.

About half-way through the email, there’s a link, along with a request for them to click on it. Even though they’ve never been asked to do this before, there’s no sense questioning the manager in an urgent situation – or is there?

Just like that, a potential phishing attack could’ve taken place.

  • Sophisticated phishing scams coupled with hacking attempts that give cybercriminals control of your company’s email service could easily create a scenario just like this one.
  • When you create a phishing simulation, you’ll want to make it seem as legitimate as possible while including a few giveaways that your staff should be on alert for.

what to include in a phishing simulation

Here are a few signs that an email contains a phishing attempt. By including these in your cybersecurity drill, you’ll be able to put your team to the test realistically.

  • Unusual subject line or request for urgent action. An email that seems to be from a colleague or manager but contains instructions that are not typical of that person’s usual behaviour should be treated as highly suspicious.
  • Requests to click on links. Internal emails in your company might ask employees to click on Google Drive or other workplace management links, but any external link should immediately arouse suspicion.

Encourage workers to read the link before clicking on it and to always check the full address of the sender. Confirming any out-of-the-ordinary requests of this kind with the sender might take up some valuable time but can save your organisation greatly in the event of a real phishing attack.
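The signs listed above (an external sender address, urgent wording, and a link that leaves the hosts staff normally use) can be checked mechanically when reviewing a reported message or a simulation template. The following is an added example, not code from the original article; the domain `corp.example`, the list of expected link hosts, the urgency word list and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed values for this example: the organisation's own mail domain and
# the hosts that internal emails normally link to.
INTERNAL_DOMAIN = "corp.example"
EXPECTED_LINK_HOSTS = {"corp.example", "drive.google.com"}
URGENCY_WORDS = ("urgent", "immediately", "right away", "action required")

# Constructed sample message (not a real email).
SAMPLE = """\
From: "Managing Director" <md@corp-mail.example>
To: staff@corp.example
Subject: URGENT: confirm your payroll details
Content-Type: text/plain; charset="utf-8"

Hi,

I need you to confirm your details immediately using this link:
http://payroll.corp-mail.example/confirm

Thanks
"""


def host_matches(host, allowed):
    """True if host is an allowed host or a subdomain of one."""
    return any(host == a or host.endswith("." + a) for a in allowed)


def body_text(msg):
    """Collect the text/plain parts of a (possibly multipart) message."""
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            parts.append(payload.decode(charset, "replace"))
    return "\n".join(parts)


def triage(raw):
    """Return a list of human-readable findings for one raw email."""
    msg = message_from_string(raw)
    findings = []

    # 1. Check the full sender address, not just the display name.
    _name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    if domain != INTERNAL_DOMAIN:
        findings.append(f"sender address is external: {address}")

    # 2. Look for a request for urgent action in the subject or body.
    body = body_text(msg)
    text = (msg.get("Subject", "") + "\n" + body).lower()
    urgent = [w for w in URGENCY_WORDS if w in text]
    if urgent:
        findings.append("urgent wording: " + ", ".join(urgent))

    # 3. Read every link and flag hosts outside the expected set.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = (urlparse(url.rstrip(".,;)")).hostname or "").lower()
        if not host_matches(host, EXPECTED_LINK_HOSTS):
            findings.append(f"link leaves expected hosts: {host}")

    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print("-", finding)
```

An empty result does not mean a message is safe; the check only covers the three signs discussed here.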

keeping it believable

A simulated phishing email that seems ridiculous or reads like a clichéd Nigerian prince scam is likely to be deleted or ignored by the recipient.

On the other hand, sophisticated phishing tactics usually rely on something believable.

  • To strike a balance between believability and suspiciousness, make sure your email is worded in a tone similar to your normal business correspondence.
  • Be sure to include a request for unusual action or embed a suspicious link to test your team’s cybersecurity awareness.

keeping your data safe with secure cloud storage

With phishing attacks and other cybercrimes increasing by the day, every business in South Africa needs secure data storage.

Our range of cloud storage solutions could be an integral component in your cybersecurity strategy.

Your Guide to the Best Email Security Practices

Every time you send and receive an email, you’re taking a risk. There’s ransomware, phishing, viruses, and compliance violations to be wary of. From CEOs of big corporations to secretaries who manage client emails all day every day, everyone needs to be aware of the best email security practices to follow to ensure that your emailing behaviour doesn’t become the very thing that brings your company to its knees.

To take the guesswork out of the process of drawing up an email security strategy, we’ve included some tips and advice for the correct and most effective security practices for your business. Before we investigate these practices, let’s learn more about the risks involved in using email.

the common threats

Regardless of its size, every company must have a cybersecurity strategy in place, and email security forms part of that.

Many people believe that as they aren’t sending or receiving particularly sensitive information, it doesn’t matter whose hands their email falls into. However, this is a risky mindset as hackers aren’t only interested in your email content. They want access to an even bigger network and the front door for them is through your email. Once a hacker has access to your emails, the online world (your online world) is their proverbial oyster.

Cyber hacks and attacks are ever-changing. Over the years, they have progressed from simple phishing links to complex social engineering tactics and email security should form a critical part of your overall cybersecurity.

what to be aware of

Knowing what to watch out for is important. Here’s what to keep an eye out for.

These are emails that request money and sensitive information from a user. Spear phishing is when ‘someone else’ impersonates ‘someone you trust’ to get information out of you. You might receive an email stating, “Your online banking profile number and pin is going to expire in three days. Click on this link to register your new profile and pin.” Everything might look legitimate, but it’s not!

  • social engineering

Ever received an email or a pop up that says, “OMG, it looks like you in the video!” – well, that’s social engineering at play. This is when cybercriminals rely on you to click on a malicious link or attachment.

  • business email compromise

This is a form of spear phishing where a cybercriminal impersonates the CEO of a company or a manager. This type of scam relies on employees sharing sensitive information, which can be used to steal business data and even money.

  • spam

You know those emails that say, “You’ve just won a R1 000 Woolworths voucher!”? Well, this is known as spam, and most often, we fob them off as an annoyance when we click on it, and it takes us seemingly nowhere. What you’re not expecting is that a bot, instructed by the cybercriminal, sends you that link and when you click on it, spyware, malware or even ransomware is installed on your computer.

  • malware

Malicious software, called “malware,” often presents in the form of a Trojan, ransomware or some other program that attacks your computer system. In most instances, the files on the computer are encrypted, and you are requested to pay a ransom to get the key to unlock the encrypted files. Some types of malware can get access to your computer camera or your entire device, which means they see what you see and do! Obviously, that’s a big risk.

  • botnet and ddos

Large-scale spam and phishing campaigns are often managed by botnets, which are groups of devices that are under the control of a cybercriminal. Often, these devices are used to overload a system or network in hopes of making it crash. This type of attack can cause absolute mayhem.

tips to the best email security practices

Email security is all about building as many walls as possible between your data and the cybercriminal. Cyber security should be no different to virtual security with multiple barriers making entry virtually impossible.

  • Educate employees on best email security practices such as never clicking on unexpected attachments and links;
    • Put rules and guidelines in place for all work email security.
    • Make sure that your employees understand what kind of sensitive data they are likely to be handling.
  • Encrypt sensitive email attachments through a secure hosting service.
  • Activate 2 factor authentication – this will tighten up access points from end-to-end, which includes email.
  • Add legal disclaimers to your emails so recipients are aware they cannot send that email on to anyone.
  • Regularly change email passwords (and ensure they are difficult passwords).
  • Do regular encrypted data backups just in case you ever fall victim to malware.
  • Update your operating system to avoid software vulnerability which is often corrected with updates.

How do you ensure that your company uses email safely? Share your tips and advice with us today!

Your A-Z List of Cybersecurity Threats

In today’s modern world of IT and the pace at which it develops you could be forgiven for thinking that you are forced to face a new cybersecurity risk or threat almost daily. Sadly, this isn’t far from the reality.

Cybercriminals are developing new cyber strategies just as quickly as (or even quicker than) the pros are shutting them down. A consequence of these relentless cyberattacks is the need to ensure that you’re always fully aware of new and developing cybersecurity threat types.

Here’s a brief list of the most common cybersecurity threat types to be aware of this year.

  • apts – advanced persistent threats

This is a very sneaky type of attack, whereby the cybercriminal quietly infiltrates the network and remains there, undetected, for an extended period while slowly syphoning data from the network.

  • ddos – distributed denial of service

This type of attack involves hackers flooding a server, website or similar with a multitude of connection requests, packets, and messages. The outcome is a very slow system or a crashed system that legitimate traffic is unable to access.

  • insider threats

The term “insider threats” implies that the threat or risk is malicious, but this type of threat can also be through unintentional human error and negligence. These threats are human-caused data losses and breaches that typically come from customers, employees, and contractors.

  • malware

Malware is malicious software that is either purposefully or inadvertently (by clicking on an email link or attachment or visiting a risky site) downloaded to a computer. Once the malware is on the computer in the form of spyware, a Trojan, a virus, or worm, it starts to cause harm to the computer and the files saved on it.

  • mitm – man in the middle attacks

An MitM is a type of attack that involves eavesdropping. A hacker intercepts messages between two parties and relays them to a third party so that the information can be used for malicious intent.

  • phishing attacks

Even though phishing attacks are one of the most prominent ways of hackers getting inside computers and networks, many people still don’t really understand that phishing is a form of social engineering. Hackers create messages (emails, content) that appear to be from a legitimate source and send them out to people. When the recipient opens the message or email, they assume it is legitimate and follow the instructions in the message. This can lead to them inadvertently sharing their personal particulars, log in details, and even credit card details with a cybercriminal.

  • ransomware

Ransomware is a type of malware that is particularly malicious and damaging. When a hacker manages to get ransomware on a device (usually through an email link or visiting a risky website), they lock the user out of their own files by encrypting them. When the user tries to access the files, a message pops up demanding a payment to decrypt the files on the device.

  • spear phishing

Phishing attacks are usually random, whereas spear phishing attacks target a specific person, business, or organisation. This type of attack is very strategic and includes advanced skills from the attackers. They aren’t just taking a chance on anyone – they’re after something specific.

  • social engineering

Social engineering takes advantage of human gullibility and error. This type of attack uses human interaction to lure people into breaking regular security processes to gain access to sensitive data. An example of social engineering is when someone phones you and says they are from the bank. They have some of your information but require you to answer a few security questions before they can proceed with the very official sounding call. You proceed to give them your full physical address, ID number, and banking details. You may even give them your card details if they request it. This is just one example of social engineering.

the importance of knowing what risks are out there

The value of the list above lies in the fact that you can only create a cybersecurity system and protocol for your business if you know what you are protecting it from. Threats are changing consistently, and as such, you will need to change, update, and enhance your security protocols consistently.

last word on cybersecurity threats

Protecting your data and devices is so much more than simply avoiding the hassle of encrypted files and crashing computers. It’s about protecting your clients, defending your company’s good image, and avoiding the risk of paying legal fees if you happen to mishandle someone else’s sensitive data. Familiarise yourself with the threats out there and get to work sprucing up your cybersecurity system today.

Do you know of any cybersecurity threats that don’t appear on our list? Let us know!

Operation Falcon Cracks Major Phishing Ring – How Phishers Phish

A year-long investigation dubbed Operation Falcon, jointly run by INTERPOL and Group-IB working closely with the Nigeria Police Force, was tasked with identifying and locating cybercrime threats. The task force spent a considerable amount of time trying to deactivate a massive phishing ring that has targeted over 50 000 victims in a major global scam. The scam unleashed a whopping 26 different types of malware, wreaking havoc and bringing people and corporations to their knees.

The ‘ring’ includes a group of Nigerian nationals who have been working hard to infiltrate the systems of individuals and organisations. They would then launch scams to siphon funds out of the victims’ accounts.

Among the victims were private-sector companies as well as government departments in over 150 countries. The group, which is aptly being called a “gang”, has been operating this phishing scam since as early as 2017.

how phishers phish

Much was learned from observing and monitoring this latest phishing bust as to exactly how cyber-criminals go about the process. Phishing isn’t a new concept, but many people still don’t understand how they end up falling for a phishing scam.

The reality is that phishing scams have become far more professionally managed in recent years.

The key to dealing with phishing scams is in understanding how they work.

First and foremost, these gangs don’t simply attempt to impersonate a company executive or a person that someone within the company will trust…they fully immerse themselves into the process. They learn everything they can about the company’s communication styles, the vendors they use, the billing system practices that they follow and a great deal of other information that you would only expect a trusted individual to know.

And then they use that information to make a very believable impersonation. Everything about the communication a targeted victim receives seems legitimate and that’s why they fall for it. They end up providing sensitive information or clicking on a malicious link or attachment without ever questioning the authenticity of the mail.

don’t get caught out by a phishing scam

Be alert, always. It’s all too easy to accept a mail from a manager or colleague and click on the links provided or share sensitive information because you “know” them. Keep in mind that sensitive information should never be shared online and unless you are expecting a specific document or information from someone, never trust a link or attachment without first verifying the sender.

With the New Year approaching, now is the time to take a look at your current security measures to see where you can improve on them. Be alert and aware – phishing scams are undoubtedly on the rise.

A ‘Security Incident’ or hack attack? What the Twit, Twitter!

Already facing a potential Federal Trade Commission fine of $250 million after admitting to improper usage of users’ personal information in 2019, Twitter is in privacy hell! Whether or not you are an avid Twitter user, you will probably have heard that the company also suffered a recent hack attack which they classified as a security incident. According to inside reports, the attack included some high profile users such as Bill Gates and Elon Musk. What the twit, right!

Okay, hold on, let’s start at the beginning. What happened?

On the 15th of July 2020, a social attack was engineered and carried out on Twitter. According to the company, 130 Twitter accounts were attacked. The hackers used 45 of those accounts to spread Tweet posts and gained access to the inboxes of 36 others. Data was downloaded by the attackers from 7 accounts successfully.

More About the Attack

So how did the hackers ever gain access to the accounts of 130 unsuspecting users in the first place? The answer is actually rather ambiguous as it’s both simple and complex at the same time.

Twitter has gone to great lengths to investigate what they initially referred to as “a security incident” and have found that it is the result of a small group of their employees being targeted through a phone spear-phishing attack.

What is a phone spear-phishing attack?

Quite simply, fraudsters send emails from a known or trusted sender in order to get the target to reveal confidential information. This method works more often than not as the target believes they are talking to their trusted contact, when in fact, they are not.

In order for the attackers to be successful, they needed to obtain access to the internal network where they could gather the credentials of specific employees with access to internal support permissions. To some degree, they succeeded.

Their hack, however, required a two-step approach as none of the targeted employees had all the necessary permissions that were needed by the hackers. Using the credentials of some of the employees with the right access, they were able to target 130 Twitter accounts; tweeting from 45, downloading the Twitter data of 7 and direct messaging of 36 users.

What is the Risk to You?

For the most part, the hackers were unable to access the private info in the majority of the hacked accounts (save 7 that is). Twitter confirmed the following:

  • The hackers could view users’ email addresses and cell phone numbers.
  • Hackers were unable to view previous account passwords.
  • The company is still investigating how much information the hackers gained access to from accounts that they were able to take over.

The investigation is still underway and Twitter says it will do everything it can to ensure that a similar attack doesn’t happen in the future.

Steps You Can Take

Just to be safe, you should change your Twitter password and take the time to suss out your profile for any unusual activity. Make sure that you never click on email links or attachments, even if it seems to come from a trusted source. Check with the source first as to whether or not they messaged you and why.

At Soteria Cloud, we have a tendency to repeat ourselves – with good reason. We can’t tell you often enough how important it is to change your passwords regularly and that you should be storing sensitive information in an encrypted format in the cloud.

If the Twitter hack gave you a bit of a scare (or wakeup call), perhaps now is the time to start looking into ramping up your cloud backups and device security.

Hackers don’t break in; they log in

When we think of hackers, we tend to visualise clever online criminals who use sophisticated software to decode or crack passwords and gain access to accounts. In most instances this just isn’t the case, as many people unwittingly hand their password over to a hacker without even realising it.

Cybersecurity officials are faced with the same reality: passwords are being stolen and advanced hacking tools are not always needed.

How it happens

So, how does a hacker get access to an employee’s user name and passwords? We take a look at the most usual hacking methods below:

  • Phishing emails

One of the most common ways for a hacker to get a password without using technology is to ask for it. Yep, it sounds awfully easy, but one thing you need to realise is that for an experienced hacker, it is as simple as that.

Phishing scams are the most prominently used form of password acquisition. It requires no software, but rather involves a hacker pretending to be someone trustworthy or an official person. They usually make contact by email or telephone and make a very convincing story.

The email signature may include the company’s correct telephone numbers and website address, tempting people into trusting the communication.

During a one-on-one conversation about the specific account, the “official” (who is actually an opportunistic hacker) will request bits and pieces of information from you such as your username, your card number, your account number, your ID number and so on.

At some point in the communication, you may receive a link to a website where you are required to input your user name and password. Of course, the hacker now has the user name and password and can then use the employee’s account to send out seemingly trustworthy communications, authorise transactions, and carry out various functions on business systems while flying under the radar.

  • Typosquatting

Typosquatting is a form of phishing that was “big” a few years ago. For quite some time it fell away, but trends show that cybercriminals are revisiting this type of phishing.

The cybercriminal will hijack a company’s domain by registering website URLs that are very similar to the original website address. If you are attentive to detail you might notice spelling errors in the website address before you click on it! However, if you don’t pick this up and visit the website, it will look almost identical to the official website. At this point you will be asked to log into your account by inputting your username and password, which is how your password is received by the hacker.

  • Spear Phishing

Spear phishing is another type of phishing where the hacker creates fake social media pages or online blogs in the name of their persona. The cybercriminal will put in a considerable amount of effort adding mutual friends and populating the pages in order to make the page look more trustworthy and reliable.

This type of phishing is used to give a persona credibility which then makes it easier for the criminal to communicate with victims and deceive them into sharing personal information.
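The typosquatting description above says the only giveaway is a small spelling difference in the website address, which is exactly the kind of check a script does more reliably than a person. The following is an added example, not code from the original article; the trusted hostnames, the character-substitution table and the distance threshold are assumptions chosen for illustration, and all sample addresses are constructed.

```python
from urllib.parse import urlparse

# Constructed allowlist of hostnames the organisation really uses (assumption).
TRUSTED = ["examplebank.example", "intranet.corp.example"]

# Assumed table of character swaps that look alike at a glance.
LOOKALIKES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))


def hostname(link):
    """Extract the lowercase hostname from a URL or bare host, minus 'www.'."""
    if "//" not in link:
        link = "//" + link
    host = (urlparse(link).hostname or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def skeleton(host):
    """Collapse look-alike characters so 'examp1e' and 'example' compare equal."""
    for fake, real in LOOKALIKES:
        host = host.replace(fake, real)
    return host


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify(link, trusted=TRUSTED, max_distance=2):
    """Return (verdict, matched_trusted_host, reason) for a link."""
    host = hostname(link)
    # Exact match or a genuine subdomain of a trusted host.
    for t in trusted:
        if host == t or host.endswith("." + t):
            return ("trusted", t, "exact host or subdomain")
    for t in trusted:
        # Trusted name placed in front of a different registered domain.
        if host.startswith(t + "."):
            return ("lookalike", t, "trusted name used as a prefix")
        # Same name once look-alike characters are collapsed.
        if skeleton(host) == skeleton(t):
            return ("lookalike", t, "look-alike characters")
        # A few typos away. Very short hostnames need a lower threshold.
        if edit_distance(host, t) <= max_distance:
            return ("lookalike", t, "small spelling difference")
    return ("unknown", None, "no close match")


if __name__ == "__main__":
    for sample in ("https://www.examplebank.example/login",
                   "http://examplebnak.example/login",
                   "examp1ebank.example",
                   "https://examplebank.example.account-check.test/",
                   "https://news.example.org/"):
        print(sample, "->", classify(sample))
```

A verdict of "unknown" only means the address is not close to anything on the allowlist; it says nothing about whether the site is safe.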

The Reality

The reality is that sophisticated hackers don’t actually need sophisticated software to get your user name and password. Most often, they rely on clever trickery to get you to unwittingly hand over your password.

In essence, a hacker merely needs to have basic web design skills (to create website log in pages), social media skills (to create credible SM pages), and an educated and well-spoken approach to communicating either online or telephonically.

What Can You Do?

Doing regular data backups to a cloud based service that offers data encryption will keep your sensitive information safe, especially if your device or system is hacked and your data is breached. You should also be aware of:

  • Any emails requesting that you change your user name and password by clicking on a link. In this instance close the email, look up the official contact details of the company (do not use the details listed in the email) and make a personal enquiry into the legitimacy of the email.
  • Link attachments in emails, even if the source seems legitimate. Unsolicited emails might not raise a red flag in your mind, but they should.

Ensure that:

  • You have up to date anti-virus software and firewalls in place to flag suspicious behaviour on the device.
  • You update your software and systems regularly to ensure that any bugs and vulnerabilities are consistently updated and eliminated.

Take responsibility for the safety of your data and take action

Educate your staff members on the risks of cyberattacks, phishing and hackers, and always have an alert and aware approach.

Need more advice and solutions to data safety concerns? Contact Soteria Cloud today.

Cyber-attack threats – the risk of not knowing what you don’t know

The KnowBe4 African Report on cyber-attacks in African countries such as South Africa, Kenya, Ghana, Morocco and more really does uncover some interesting statistics. The survey, which was carried out in 2019, tells us the following:

  • The majority of people in the country are worried about cybercrime;
  • A quarter of the respondents had no idea what ransomware is;
  • Over 50% of respondents didn’t know what multi-factor authentication is;
  • 57% of South Africans understand the risk of cybercrime but will still willingly provide their personal information if they think they know what it is being used for;
  • Most people feel that they would be able to detect a scam if faced by one, yet 50% of South African respondents reported having a PC infection or falling victim to a scam;
  • South Africans misunderstand what ransomware is, thinking that a virus that encrypts files and requires a ransom to decrypt them is called a “Trojan virus”;

Just these few findings paint a very bleak picture for the future of cybercrime in South Africa. Well, for the cybercriminals targeting South Africans it’s good news. For South Africa in general, it is quite the opposite.

The Most Valuable Finding from the KnowBe4 African Report

The report uncovered some valuable information for the surveying company and the respondents. It came out that email security is the biggest cyber-attack threat, mostly because users of email aren’t familiar with risks or don’t recognise them when they arrive in the inbox. There’s a lack of understanding surrounding malware, ransomware, phishing emails, and what the actual risk of sharing personal information is.

Cybercrime is particularly lucrative for cybercriminals as a result of the natural impulsive behaviour of individuals who will click on links and open attachments without first checking the source, especially if they think they know the sender of the email. Something that most email users don’t know is that cybercriminals can hack contact lists and send emails that appear to be from someone else.

The Misconception

A few years ago, a phishing email was usually easy to detect by its poorly written content and bad spelling. There are some that still believe that this is the format of a phishing email when in reality, cybercriminals have upped their game. Nowadays, it is extremely difficult to tell a phishing email apart from a legitimate email.

The Real Problem

The real problem is undeniable…human error.

Humans are not always fully aware of the impact of cybercrime on a business, a person, and finances. As humans, we tend to only realise the seriousness of the situation once we have fallen prey to it. And even then, we forget all too quickly. In business environments, employees seem to be far more careless with emails and attachments than they would be with their own private mail or their own business.

One of the biggest mistakes that people make is using free Wi-Fi hotspots for sensitive online activities. If you are going to do online banking or enter your email and social media passwords online, it’s best to do that at home or while using your mobile service provider’s data network. The moment you carry out these activities while using a free Wi-Fi hotspot, you put yourself and all the data on your device at risk. Cybercriminals are quite well known to use public Wi-Fi hotspots to trick users into connecting to their network which of course, ends up being malicious.

What is the Solution?

It is essential to ensure that all sensitive data is stored in the cloud rather than on a vulnerable device or storage disc. You should also ensure that all of your staff receive cybersecurity awareness training. This might sound like a huge cost and a waste of productive time, but it’s not. The more you talk about the importance of keeping your data secure, about acting responsibly with business devices, and being aware of possible risks and threats, the more you are preparing your workforce for possible attacks. You stand more chance of a big data breach problem being thwarted instead of spurring it on with naivety.

Last Word

While most people scroll through their inbox several times a day, few take the time to consider that an opportunistic criminal might be trying to con them. An attitude of awareness and cautiousness is essential in today’s cybercrime-rife environment.

Had a recent email cybercrime-related incident? Tell us about it!

Phishing & Email Scams Gain Momentum in South Africa

One would think that with all the awareness campaigns around phishing and email scams, South Africa’s risk profile would be on the decline. As it turns out, it’s not. Email scams and phishing scams are always on the rise and, right now, unsuspecting South African citizens are being scammed. Whether it’s due to ignorance or carelessness, thousands of rand are being delivered into the hands of criminals via online scams.

What can you do to protect yourself?

Being aware of the latest scams and ensuring that you behave safely online are the first steps to take.  Let’s take a look at the latest…

Ministry of Finance Scam

The Minister of Finance recently warned South Africans to be aware of a scam doing the rounds in the first week of October 2019. The scam involves an email that is sent to thousands of South Africans claiming to be from the Ministry of Finance. The email advises the recipient that there are millions of rand that need to be claimed from the South African Reserve Bank and that the recipient of the email is indeed one of the citizens entitled to do so. To start the claims process, the individual needs to send through their particulars, including:

  • Full name
  • Date of birth
  • Occupation (place of employment)
  • Cell phone number

The intention of this fake email is to gather the personal information of the recipient.

The Minister of Finance has spoken out against the scam and asked South Africans to ignore emails of this kind from the Ministry. It’s important to note that the Ministry of Finance will never request personal information via email.

Department of Labour Scam

Another scam that’s taken the South African community by surprise is one that targets the Department of Labour and aims to take advantage of the desperation of some citizens.

The scam, which is social media-based, involves a fake social media page complete with Department of Labour branding. The page features an announcement that claims certain citizens, who have worked in the country between 1990 and 2019, have the right to claim/withdraw R30 000 from the Ministry of Labour. To do so, individuals must check if their name appears on a list of entitled individuals. The next step would naturally be to provide the “Department” with all their particulars, including banking details so that the claim could be paid out. Once again, a fake email is being used to gather personal information.

The Department of Labour has spoken out against this scam and informed the public that there is no such benefit in place.

Are the Criminals Winning?

Does the steady increase in phishing and email scams in the country, and the world, mean that there are no wins from the cybersecurity community? No, it doesn’t. In fact, that is where the good news comes in. Just recently, the Department of Justice in the United States made a massive breakthrough against cybercrime, with 281 email scammers arrested in a major global sweep.

While South Africa didn’t appear on the list of criminals, South African citizens have undoubtedly been the target of many of these arrested criminals. The Department of Justice seized a whopping 3.7 million dollars during the operation while arresting people from the following countries:

  • Nigeria (167 arrests)
  • United States (74 arrests)
  • Turkey (18 arrests)
  • Ghana (15 arrests)
  • The last seven criminals were located in France, Italy, Kenya, Malaysia and Japan.

As you can see, West Africa is in the lead by leaps and bounds.

Protect Your Own Best Interests

While it might not be possible to shut down every scammer in Africa or the rest of the world, there is a way to minimise their impact. And that is through awareness. Tech users need to become savvy to the prospect of scams and be aware and alert at all times when receiving emails and other forms of communication from people and enterprises they do not know.

If something seems a bit fishy, it is best not to respond, or completely shut down communications. Also, keep in mind that any email requesting personal information over the internet is not considered safe and secure – rather avoid it. If you wish to confirm that it is, in fact, the authorised company or person making contact with you, call the company in question and speak directly to an official representative.

The 4 Most Damaging Email Attachments

Email attachments have been blamed for viruses, malware and complete and utter computer breakdowns many times in recent years. Despite the plethora of warnings stating “do not open attachments from unknown senders” and “do not click on links in emails”, people and entire corporations still fall victim to infected or malicious email attachments. More recently, Trickbot, GandCrab, NanoCore Remote Access Trojan, and AgentTesla malware are malicious infections that have been contracted by opening seemingly innocent DOC files and ZIP attachments!

Spam isn’t Always Easy to Recognise

Not all online and email scams are as obvious and easy to spot as the infamous Nigerian prince looking for ways/reasons to send you sums of money. Some scams look so legitimate and trustworthy that the average man on the street will fall prey to them with little encouragement. That being said, what can you do to ensure that you spot the warning signs of a malicious attachment? Being aware and knowing what to be suspicious of is a good start.

The first thing you need to know is that hackers do their very best to keep their intentions secret. They won’t make it evident that the attachment is malicious, so you need to do a bit of detective work. Any regular PDF, DOC, XLSM, ZIP, ISO, or IMG file can be used for a spam or malware campaign, and this makes recognising a threat all the more complicated.

4 Types of Attachments You Should Be Wary of

We have already mentioned these file types above, but here are 4 of the most dangerous email attachments and how they are used to deliver destruction to your device & data.

1. Trickbot Modular Banking Trojan Spread by DOC/XLSM Files

This trojan is typically sent as an Excel spreadsheet detailing tax records and similar information. Once the spreadsheet is opened, a BitsAdmin tool takes control and starts stealing data from the device and network, in particular, banking data.

2. GandCrab Ransomware Spread with ZIP Files

GandCrab ransomware, when unwittingly installed on a computer, encrypts all the machine’s contents and then displays a ransom note to the user. Once the user has followed the instructions on the ransom note (usually to pay money), it is expected that the ransomware can be removed. This ransomware looks much like a ZIP file photo attachment in an email.

3. Amex Phishing via PDF File

This phishing campaign specifically targets American Express customers. An email is sent out with a PDF attachment stating that the customer’s Amex account is “under review”. When the email is opened, the attachment contains a link that purports to direct the customer to a secure message from Amex. Once the link is clicked, it takes the customer to a malicious web page which looks just like an official Amex page. Here, customers unwittingly enter their banking details, which hackers promptly steal.

4. Winner Scams Sent by PDF File Attachments

One of the biggest email scams is the “winner scam”. The email, which looks as though it comes from an official Google email account, states that the recipient has won in the online Google sweepstakes. To receive the prize, the recipient must input their personal details and the bank account details where they wish to receive their winnings. Of course, sensitive data is provided such as ID number, address, telephone number etc. There are no winnings – in fact, the entire scam is being run by identity thieves who then use the personal information to open accounts or take out loans.
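The sketch below is an added example, not part of the original article: it triages the attachments of a raw email for the carrier file types listed above, for the VBA macro project (`vbaProject.bin`) that macro-enabled Office files such as XLSM carry, and for link actions inside a PDF. The function names and the sample message are hypothetical and constructed for the demonstration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Attachment types the article names as common carriers.
CARRIER_EXTENSIONS = {".pdf", ".doc", ".xlsm", ".zip", ".iso", ".img"}


def inspect_attachment(filename, data):
    """Return the reasons an attachment deserves a closer look."""
    reasons = []
    ext = os.path.splitext(filename.lower())[1]
    if ext in CARRIER_EXTENSIONS:
        reasons.append(f"carrier file type {ext}")
    if data[:4] == b"PK\x03\x04":  # ZIP magic: archives and OOXML documents
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                members = [m.lower() for m in archive.namelist()]
        except zipfile.BadZipFile:
            members = []
            reasons.append("malformed ZIP container")
        if any(m.endswith("vbaproject.bin") for m in members):
            reasons.append("contains a VBA macro project")
    if data[:5] == b"%PDF-" and b"/URI" in data:  # link annotation action
        reasons.append("PDF contains a clickable link")
    return reasons


def triage(raw_message):
    """Map each attachment filename in a raw email to its findings."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return {part.get_filename(): inspect_attachment(
                part.get_filename(), part.get_payload(decode=True))
            for part in msg.iter_attachments()}


def build_sample():
    """Constructed sample email; all names and bytes are made up for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("xl/vbaProject.bin", b"placeholder")
    pdf = b"%PDF-1.4\n<< /S /URI /URI (https://example.invalid/) >>"
    msg = EmailMessage()
    msg.set_content("Please see attached.")
    for name, data in [("tax_records.xlsm", buf.getvalue()),
                       ("review.pdf", pdf), ("notes.txt", b"hello")]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `triage(build_sample())` returns a dictionary of findings per attachment. The PDF check is a plain byte search, so links stored inside compressed PDF streams will not be found by it.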

What to Do

If you receive emails with attachments from people you do not know, do not open the email. It is also highly unlikely that you will be advised of a big win via email. If you are suspicious, google the phone number for the company and call them directly to verify that the information that you have received is legitimate. Also, never provide your personal details to a person or company you have not made initial contact with (or know) yourself.

If you have any tips and pointers to help others avoid email attachment scams, we’d love you to share them with us.