“There’s no rest for the wicked” is a phrase that scammers tend to live by, and 2021 was no different, with 79% of South African companies surveyed by Liquid Intelligent Technologies reporting an increase in cyber security threats in 2021.
This was attributed primarily to a shift to working from home in South Africa due to the Covid-19 pandemic.
The most common cybersecurity threats these businesses experienced were email attacks that included spam, phishing attempts, and social engineering attacks.
Email phishing attempts can take on several forms, from less-severe scams to sharing files containing malware that can take control of a user’s computer or an entire network.
Less-severe examples include scam emails that tell a story to try and elicit a response from the recipient to get them to provide the attacker with sensitive information — we’ve all received the classic email from a “foreign investor” promising to transfer millions of dollars into our bank account.
On the other end of the scale, several successful email attacks have contained legitimate-looking attachments that, when opened, install malware on the computer that allows the hacker to take control of the device.
This, in turn, allows the malicious actor to access and secure any sensitive information stored on the computer.
Some hackers even aim to access popular social media accounts by sending phishing emails containing “pass-the-cookie-attack” malware.
“Pass-the-cookie-attacks” enable hackers to access user accounts via session cookies that are stored in the browser.
The most common phishing email subject lines include:
- “IT: Annual Asset Inventory”
- “Changes to your health benefits”
- “Twitter: Security alert: new or unusual Twitter login”
- “Zoom: Scheduled Meeting Error”
- “Google Pay: Payment sent”
- “Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription”
- “Workday: Reminder: Important Security Upgrade Required”
It is important to note that these attacks are not only limited to businesses. Malicious actors often tend to attack personal email addresses as well.
Google recently supplied more than 10,000 security keys to Gmail users as the Fancy Bear group — a Russian cyber espionage organisation believed to be driven by military intelligence — began to target high-profile personal and business accounts.
What to look out for
- Legitimate information — Email phishing campaigns often impersonate well-known brands or organisations. If you receive a suspicious email claiming to be from a renowned company, look for their official contact information to compare the email addresses. Also, look for incorrect spelling and check the email domain.
- Malicious or benign code — Keep on the lookout for anything that includes code designed to deceive Exchange Online Protection, such as downloads or links with typos.
- Shortened links — Avoid clicking on shortened links in emails (unless you know the source) as malicious actors use these links to trick Secure Email Gateways.
- Fake branding — Scan the email for any forged brand logos.
- Little text — Be wary of emails containing an image and very little text as the image could serve malicious code.