7 October 2019

Email Impersonation Attacks on the Rise: Identifying Scam Emails

Cyber Security Awareness month is upon us and according to Matthew Gardiner, the cybersecurity strategist for Mimecast, email impersonation attacks are on the rise by 80%. This poses the question – are you doing everything to ensure that you aren’t the next victim of a cyber scam?

With all the pros that come with the advancement of technology, there had to be some cons. These cons typically come in the form of cyber-criminals, people that use computers in the commission of a crime or make computers the target of their criminal offence. One of the most common forms of cybercrimes being ‘Phishing’ or ‘Spoofing’ which is the forgery of an email address in order to retrieve sensitive information, often used for financial gain.

Paul Stafford, the general manager of Mimecast in KZN, stated that 92% of cybercrimes start with email as it is the most intrinsic corporate information service. Corporate email domains are more commonly the victim of Phishing and recently the Real Estate industry has been the target of several cyber scams, as they often handle the personal information of buyers and sellers. Although not the most common target, personal email accounts are not free from cyber attacks. When it comes to personal emails, Oliver Potgieter the Chief of Technology at Alto Africa, reported that many cyber-criminals have moved away from targeting victims with clickable links to acquiring sensitive information, such as passwords.

There is no foolproof way to identify a scam email, however, the following are 6 tell-tale signs that you can use to guard yourself against suspicious emails.


Email Impersonation Attacks on the Rise: Identifying Scam Emails

An example of poor spelling or grammar. Image courtesy of Security Metrics.

1. Poor spelling and grammar

The first and most obvious sign that an email was sent by a scammer is poor spelling and grammar. Emails sent by  legitimate organisations should be well written. These ‘mistakes’ are also often strategic and can be so subtle that the average eye might not pick it up. Note the spelling mistakes in the example alongside.

2. Email domains

It is important to check both the name of the person sending the email and the email address. You can do so by hovering your mouse over the ‘from’ address. Look out for alterations to the domain, such as john@bluesecurity123.co.za as opposed to john@bluesecurity.co.za. Once again, this isn’t a foolproof method as some companies do make use of varied domain names and third-party email providers.


Email Impersonation Attacks on the Rise: Identifying Scam Emails

An example of hyperlinks. Image courtesy of Security Metrics.

3. Website links

Hovering your mouse over a web link will allow you to see whether or not it matches the displayed link in the text. In the case of hyperlinks, shown in the image alongside, you can hover your mouse over the text to check if the link matches the context of the email. If it does not match you can be sure that the link will take you to a site that you do not want to visit. Another aspect to check is whether or not the link begins with https://, without which it cannot be trusted. It should also be noted that hackers sometimes mix legitimate links with fake links, making it imperative that you check ALL links in an email, before clicking.

Email Impersonation Attacks on the Rise: Identifying Scam Emails

An example of attachment file types. Image courtesy of Security Metrics.

4. Unsolicited attachments

Authentic organisations don’t typically send unsolicited attachments and rather direct you to their website to download files.  If you do receive an email with an attachment, be on the lookout for high-risk file types such as .exe, .scr, and .zip. See the example alongside. When in doubt you should always contact the company using contact info you obtained directly from their actual website.

5. Requests for sensitive information

Unsolicited emails that request you send through sensitive information or follow a link to log in are most likely a scam email. A legitimate company typically doesn’t request personal information such as passwords, credit card information, or tax numbers via email.


6. A Forceful or urgent tone

If an email appears to have a very urgent tone or is trying to force you to click links provided in the email, you can be sure that it is a scam. For example, “This offer is for email subscribers only. It’s only valid when you click through from Hotels.com coupon email. Access your Hotels.com coupon email from your inbox and click through to our website.”

In isolation, the signs above may not be proof that an email is a scam. When you receive an email that you are unsure of, look for a combination of the above mentioned. If there are several tell-tale signs then it is most likely a scam email and should be left alone or deleted.

Have you ever been the victim of a cybercrime? Reply to the Siren email to share your cybercrime story with us.

Share this: