Email Phishing on the Rise: Is Your Mailbox Safe?

By now, most everyone has heard of “phishing,” the act of defrauding an online account holder by posing as a legitimate company or person. Simply put, it’s when bad guys pretend to be someone or something they’re not to steal from you or your company.

They’ll use “spoofed” email addresses, websites and attachments to convince you to give them personal information, financial details, account passwords and even wire transfers. These criminals use advanced tactics and social engineering to learn about you and your company so they can present tailored information you wouldn’t think to double check.

“Spear phishing” is even more egregious, appearing to originate from within your company or your domain and targeting a specific person or company.

Examples can include what appear to be:

  • your IT guy asking you to login to a system or website,
  • your boss asking you to “open the attached document,” or
  • your CEO asking you to initiate a wire transfer to one of your vendors.

Because it’s so effective, phishing and spear phishing attacks continue to rise exponentially.

Part of the problem lies with us. Because we know what phishing is, we think we’re not susceptible — it only happens to other people, to dupes who aren’t paying attention.

But when we think it can’t happen to us, we let our guard down — and then we become most susceptible. Just ask the now-infamous Mattel executive who wired $3 million to a scammer.

“Email is such a common and trusted form of business communication that employees are extremely susceptible to spear phishing,” noted a recent report from Cloudmark, a Rackspace Email Partner and leader in the anti-spam industry. That report found fully 94 percent of companies surveyed acknowledged that their employees have fallen for a contrived phishing attack.

So — still think this can’t happen to you?

What can you do?

This is scary stuff, but you can fight back. If you (and your colleagues or employees) look for the signs of phishing and practice basic email hygiene, staying safe is actually pretty easy. The best way to combat phishing is just exercising common sense.

Here are a few tips to keep you on your toes.

Do not share personal information! EVER!

This really cannot be emphasized enough. Never respond to an email with personal information, financial information or passwords. Ever. Think about the risk-to-reward ratio. Is the upside of quickly sending this info worth the risk? Remember — NO reputable company will EVER ask for these details in an email.

Visit websites directly from browsers and bookmarks – not email.

Whenever possible, avoid clicking a link in an email to login to an account. It’s easy to misrepresent where that link may be taking you. A link might say “PayPal.com,” but it’s really pointing at “PeyPals.com.”

A quick way to double check a link’s actual destination is to hover your mouse over it. In most cases, your browser or email application will show you the true path.

p

If you’re logging in to your bank or other website, access the site directly instead of clicking a link in an email. Be especially suspicious of emails asking you to click a link to confirm your account information.

Double-check attachments before you click or download them.

Be careful with attachments. Word documents and Excel spreadsheets may contain macros or viruses that compromise your computer. These files can automatically download malware or direct you to malicious websites. If an email or attachment looks even the least bit suspicious (misspellings? See below), confirm its origin with the sender. Call, text or message them before you click.

Also, it is critical to have anti-virus software installed and up-to-date on your computer.

Whach for missspellngs and urginsee.

Although it’s not a hard and fast rule, poor grammar can often be a tell-tale sign of phishing. Look for unusual use of words, misspelling or even strange greetings (Hello Madam!). Also, be suspicious of an email that evokes a sense of urgency and asks you to do something right away.

When it comes to wire transfers, be extra vigilant.

The vast majority of people do not wire money as part of their day-to-day duties. So if you’re asked for a wire transfer, that should immediately raise a red flag. Double-check the request, OUTSIDE OF EMAIL, before you do anything. If you’re in the business of transferring money, never rely on email as a secure communication channel for these requests. Always confirm through alternative means.

When in doubt… DO NOTHING!

Being unsure and still clicking around suspicious emails can be disastrous. Take the time to be vigilant; confirming an email’s origin and intent can save you, and your company, a ton of grief (and maybe even money). If you have even an iota of doubt – DON’T CLICK ANYTHING. Delete the email, and pick up the phone.

Maybe more than ever before, the old adage holds true: when it comes to email and phishing it is truly better to be safe than sorry.

For more information about how to keep your inbox safe and your email secure, visit Rackspace email hosting solutions.

Brian Cross is the Product Manager for Rackspace Email and works in the Blacksburg, Va. office.

11 COMMENTS

  1. A simple thing that RACKSPACE should be doing is to require using HTTPS when using login page to the webmail interface. My wife had her Rackspace account credentials hacked a few times before I figured out she was able to login unsecured. I’ve talked to a Rackspace support person – who said he didn’t think you could force that. But of course you can. No bank let’s a user login without HTTPS.

    • Randy,

      Rackspace Webmail Product Manager here. Thanks for this important feedback. We take this issue seriously. First, I want to clarify that if you are using our branded login sites (https://apps.rackspace.com, or https://beta.apps.rackspace.com), your credentials will not be submitted in plain text, even if you end up on the unencrypted login page. That’s because either way, we have the form submit over TLS.

      That said, we recognize that an unencrypted login page doesn’t inspire confidence with our customers, and worse yet, could be vulnerable to man-in-the-middle (MITM) type attacks. We have a plan in place to improve this implementation.

      In the meantime, I encourage users to directly access our encrypted pages by typing the full url, including the “https://” portion. Installing a browser plugin like HTTPS Everywhere (https://www.eff.org/https-everywhere ) can further enhance your security on our site, and elsewhere on the internet.

    • Randy you are 100% right , I have virtual store and my site has Http and https
      if you try to buy you automatically redirect to https
      it is easy to do

  2. I really appreciate your response. I own a company and have looked into switching our corporate email, but our CTO had serious reservations about ability to login via HTTP (not HTTPS). It’s good to understand that in the background, you are actually encrypting anyway. We look forward to improving that so that MITM is mitigated.

  3. Just got email to my Outlook email impersonating as Outlook reporting about unusual activity detected. The email address it came from is “out-office@support.rackspace.com”

    Should I forward phishing email to Rackspace?

  4. In the past few weeks (Dec.2016) my browser (Slimjet, a Chromium derivative) has returned a warning that the branded login page https://apps.rackspace.com/index.php is NOT on secure https:// and I’d continue at my own risk. I then tried my other browser (Palemoon, a Firefox derivative) which lets me through on https:// without warning. Please know that I am very security-minded, block not only adverts but scripts also, very tightly. Both browsers are installed with uBlockOrigin + uMatrix, a combination considered too complicated for most people. Yet Palemoon has additionally NoScript (not avail. for Chromiums) which blocked emailserver.com, leaving Rackspace 98% functional. So your IT team may want to investigate if the use of emailserver.com may be causing your login page to lose its https:// status?

LEAVE A REPLY