EIKON TECHNOLOGY BLOG

29

Aug


email

If you see email about important doc through Google Drive/ Dropbox and the sender claims never sent email about it to anybody. That means your email account is infected with “Phishing”.

Someone's email account gets cracked, and is used to send an email with a link to a phishing login to harvest even more credentials. Because the phishing email is coming from someone who is real, and even known to you, it is more likely that someone will fall for it. Be very careful and watch out for Phising Email.

This email claims to have an "important message" for you that they uploaded to Drive or Box or any others. If you provide your email credentials, you yourself have been phished.

About phishing

A phishing website or message tries to trick you into revealing personal information by appearing to be from a legitimate source, such as a bank, social network, or even Google. If you receive a suspicious message, do not provide the information requested. We've included some tips to help you recognize phishing and keep your account secure.

How can I recognize phishing?

You should always be wary of any message that asks for your personal information or messages that refer you to a web page asking for personal information. If you receive this type of message, especially from a source claiming to be Google or Gmail, please don't provide the information requested. Google will never send unsolicited messages asking for your password or personal information, or messages containing executable attachments.

Messages or websites phishing for information might ask you to enter:

  • Usernames and passwords
  • Social Security numbers
  • Bank account numbers
  • PINs (Personal Identification Numbers)
  • Full credit card numbers
  • Your mother’s maiden name
  • Your birthday

Thus, NEVER provide any credentials to unknown website. Make sure you double check the URL.

What should I do when I see a phishing scam?

First and most important - RESET YOUR PASSWORD!

Never reply to suspicious emails, tweets, or posts with your personal or financial information. Also, don’t fill out forms or sign-in screens that link from these messages.

Most email providers, including Gmail, allow you to report suspicious emails and phishing scams. To report phishing in Gmail, click the drop-down arrow next to “Reply” and select “Report phishing.”

Capture phish1

Select the Report Phishing Message option to finish the process.

Capture phish2

Reporting a message as phishing will prevent that user from sending you more emails. Also, we'll use the report to help thwart the attack and others like it.

How to avoid the Email phishing :

 

Below is the example of Email phishing :


Capture phish3 Capture phish4 Capture phish5 Capture phish6 Capture phish7 Capture phish8 Capture phish9 Capture phish10 Capture phish11 Capture phish12 Capture phish13

 

Phishing Landing Pages:

The link will go to some compromised website which loads a page to harvest your password if you try to log in. Because these allow you to hand over your account password for a wide variety of accounts, like casting a wide net and hoping for some fish, we call these seine phishing.

Capture phish14 Capture phish15 Capture phish16

Same email, but from normal spammer sources like botnets:

These usually come from real email accounts from real people you know, but occasionally the same template is used by traditional scam emailers:

Headers samples:

Received: from smtp202.alice.it [82.57.200.98]
X-Envelope-From: doc @doc.com
From: "Google Drive"<doc @doc.com>
Subject: Important & Confidential

 

Coba Gratis G Suite Selamanya

It's All About The Cloud

Welcome to EIKON Technology blog! We're excited to share our insights about the IT industry and the Cloud. Subscribe today to get the latest news.

  • Cloud News
  • Partner Updates
  • Product Releases
  • Company News

Subscribe To Updates

Popular Post

Recent Posts