Skip to main content

Scare Tactics and Action Items to Trick You

Emails that come across with scare tactics like this recent email (below) are pretty easy to research.  Use of words like subpoena and action requests like "Please prepare the documents" are designed to make you click on the document without questioning whether you should. 

I did a quick search for WEX Inc subpoena and the first search result was a malware report: 
http://www.malware-traffic-analysis.net/2017/05/10/index2.html
The cool thing about websites like Malware-Traffic-Analysis.net is that they do the dangerous clicking for us and they are rather quick to post their findings. If you follow the link above you'll see the research they did on the malware and what it does.  The downside is that they don't spend much time explaining their findings to the regular Joe.  It makes sense to me, but I have spent 24 yrs in IT. 

You'll notice my client received this email on May 10th and the Malware post about the fake emails was also posted on May 10th.  If you're not sure about whether to click on a link or an attachment in an email, you can always wait a day to see of a malware report is posted.

In lieu of a malware report this email still fails the checks I recommend that every small business owner practice noticing about all emails they receive. These checks are:

  1. Do you know the sender? - In this case the answer was no, but because it is claiming to be a subpoena, the client figured they wouldn't know the sender.  If you don't know the sender begin to be suspicious.
  2. Does the name in the email address match the name in the name in the signature block? - In this case no.  
  3. Are there inconsistencies? Yes! Aaron is not James although they share the same last name.  Also the subject line implies that the email was forwarded, however, the forwarded email header information is missing in the body of the email. 

Comments

Post a Comment

Popular posts from this blog

Home Advisor Isn't A Good Advertising Choice for Small Business Owners

Note:  This blog article is off topic from IT Security for Small Business, but online advertising is adjacent to IT due to the technical nature of the many of the tasks associated with creating and maintaining an online presence.  It is important for small business owners to delegate or outsource certain administrative things such as online and search engine marketing.  HomeAdvisor bills themselves as just that, the answer to your online marketing problems.  However, HomeAdvisor is really bad for the home services companies and contractors that HomeAdvisor claims to represent. Why is HomeAdvisor bad? Because they snipe leads and give them to other companies! When HomeAdvisor acquires Angie's List later this year there will be fewer options for small service provider companies that need these types of services for online advertising. How? When a company signs up with Home Advisor that company gives HomeAdvisor the right to their c ompany name and brand in onli...
Post a Comment
Read more

Recognize a Phishing or Scam Email

Today a client received an unsolicited email from Kelly Reed, a supposed Marketing Executive. Now in general this email seems innocent enough, offering a list of interior designer contact information to a home renovation company.  Upon closer inspection there are clues that this isn’t from a legitimate person and/or company.  In the highlighted areas above are clues.  The highlighted email address indicates a hooverscustom.com as the company URL.  Using a browser, review the Search Engine results for hooverscustom.com. What I found was that there was no website. Now this isn't unheard of for a small business, but in conjunction with the fact that no company name is given and then only Texas, USA in the signature block, it is even more suspicious.  Who just gives the state that they're in? What would happen if you were to reply to this email? Maybe nothing, but there is a myriad of opportunities here for potential scammers. More than likely someo...
Post a Comment
Read more