The end-of-year holidays often announce the upsurge of fraudulent mass e-mails campaigns. Indeed, cybercriminals take advantage of this period, when vigilance can be particularly low, to launch phishing e-mails.
What are phishing and slamming?
Phishing is used by cybercriminals to obtain personal information in order to commit an identity theft.
In the world of phishing, slamming is a well-known variant that consists in encouraging domain names holders to renew their annuity with another registrar, by arguing the emergency and criticality of the concerned name’s loss. Concretely, this is an e-mail pushing its recipient to contract an unsolicited service and to proceed to the payment of this latter without delay.
Thus, the slamming may take the form of a fraudulent renewal invoice, usually associated with intimidating terms like “Expiration notice”. Under the pressure of such e-mail, generally well built, it happens that the recipient then proceeds to the payment and finds himself debited with an important amount for the so-called renewal.
In the same way, the slamming e-mail may also indicate that a “customer” of the sender, posing as a fake registrar, intends to register domain names identical or similar to your brand. Then the fraudster proposes to register them for you in order to protect you from these troublesome registrations, of course, in exchange for an urgent payment.
Another kind of attack, the suspicious e-mail attachment!
Be careful of fraudulent e-mails with infectious attachments: a single entry point is enough to destroy a network!
The aim of a trap and thus malicious attachment is to pose as a legitimate file (PDF, Word document, JPG image…), while hosting and hiding a malicious code: this is what we generally call Trojans.
Some simple rules to protect against them
- Always stay alert when someone asks you your personal data;
- Do not ever open an attachment from an unknown sender, or from one who is not entirely trustworthy;
- Check the links by hovering the cursor over them (without clicking) to ensure that they link to trustworthy websites;
- Never reply under the pressure of this kind of solicitation and of course do not proceed to any payment;
- If there is any doubt, do not reply to the e-mail and contact the sender through another method who will confirm whether it really is a fraud attempt or not.
To remind you of this more often, you can find a wallpaper to download on the Nameshield website:
Image credits : Nameshield with storyset.com