Email Scam Alert – NZ – December 2019
Over the last 2 weeks Geeks on Wheels has noticed a growing number of email scam issues in NZ. Generally, the average number of scams that our customers experience per month is around 200. However recently, we have been contacted by an increasing number of non-Geeks on Wheels customers who have also been directly affected by these scams. So let’s take a look at what these email scams are and how they operate.
The emails being sent are targeted at Microsoft Exchange Customers although they can also affect users with personal Microsoft accounts. The aim of the email is to steal your email account details. The scam will then configure a rule to stop you detecting their presence within your account ultimately leading to them acquiring your details and stealing your money.
Email Scam Alert One
The first email scam looks identical (I wouldn’t say identical but its not an email Microsoft would send, withholding emails isn’t a thing they do. But it does look like an email they might send) to an email that Microsoft would send. The email advises you that you have messages being withheld and that the messages will be held until you click the link in the email. When clicked, the link in the email will take you to a ‘phishing website’ which looks identical to the Microsoft login page. Once you login, your username and password will be stolen.
Email Scam Alert Two
The second email looks identical (“similar”, they always have typos and slight formatting issues) to a ‘OneDrive’ email. The email explains that someone is trying to share a folder with you via OneDrive and then goes on to say that you will need to click the link to access the file. This link will then take you to the same phishing website with a clone Microsoft login page.
The Next Step
Once the username and password have been stolen, the attacker will login to your email. They will then configure a hidden rule on the server which will forward emails that contain sensitive information with certain wording. These could be invoices, sales or addresses. Once the external address has your emails they will reply to those emails, acting on your behalf requesting money from the people you had received emails from. They will then advise clients that your details have been changed and the scammers will input their own. They will then create a rule that deletes all sent emails. Clever but scary, right?
Once the username and password are stolen, the attacker will login to your email and configure rules on the server that can remain hidden indefinitely. These rules will automatically forward emails containing certain words, such as invoices and sales, to an external address. There have been cases of rules forwarding all emails to the external address, but this is normally picked up quickly by Microsoft and if it’s a business account Microsoft will suspend the account.
What is Phishing
The term phishing is used in the media regularly but what does it actually mean?
A phishing scam is a fraudulent attempt by a third party to steal your personal information, usually made via email or telephone. The scammer will attempt to convince the target that they are a representative of a trusted brand that the customer has used before. While this is usually a bank or internet/ phone service provider they can also pretend to be a smaller service.
Usually, there are two main ways that a phishing scammer will attempt to contact a target. Firstly, a scammer may try to send an email. This email message will look as though it has been sent by a trusted contact and will often have imitation branding of the bank or internet service provider you trust. They will start by telling you that there is an issue with your account and that you must log in by clicking the link in the email. This will redirect you to a fake website that looks like your real bank or internet providers site. They will then get you to put in your login details which are immediately captured by the scammer giving them access to your accounts.
For information about phone phising scams click here.
How to Prevent an Email Scam
If you want to keep your details safe then follow the simple steps below and avoid phising and email scams.
1. Check The Senders Email Address:
False email addresses can look trustworthy by emulating a trusted senders email address. A good check to do if you are unsure about an email is to look at the sender and see if the address is spelled correctly. For instance – send@geeksonweels.co.nz is not the same as send@geeksonwheels.co.nz although they look very similar. The same goes for checking the ending of the email address. Eg. help@test.co.nz is not the same email as help@test.nz. Checking this will be a key indicator on whether or not the email address is false.
2. Check For Spelling Mistakes:
Often scam emails will be written by third-parties outside of New Zealand, where English is not a first language. If you see obvious spelling mistakes in the emails, make sure to be cautious.
3. Call The Real Sender:
If you suspect the email is fraudulent do not call the number in the email. Instead go to the real website of the business and look for a contact number. By calling the sender you will be able to verify whether or not the email was sent by them.
4. Your bank or ISP will NEVER email you to reset your password without you having requested it first. Make sure to contact them by phone to confirm the legitimacy of any emails you receive relating to resetting your password.
Having an up to date email client and antivirus software is also key. These two programs will work together to filter fraudulent and phishing emails before they get to your inbox, so you don’t run the risk of falling for them.
Email Scam Help
Geeks on Wheels offer a FREE first call service for anyone in this situation, so call 08004AGEEK (0800424335) for professional assistance and guidance on how to deal with the situation.
If you have been or think you have been scammed, there are a series of next steps to follow including changing your passwords, scanning your computer for compromises or malicious software, and contacting the providers of the services the scammer pretended to represent.
Geeks on Wheels can assist throughout this process and ensure that your computer is safe to use and is up to date with the appropriate antivirus software.