Published Monday, September 17, 2018 at: 7:00 AM EDT
The Russian conspiracy to meddle in the 2016 presidential campaign relied on a common scam called "spearphishing." While the history-making scam may sound sophisticated, this form of digital fraud is running rampant. Anyone using email is likely to be attacked these days. Here are some tips to protect yourself.
In a spearphishing attack, a hacker sends you an email message to trick you into disclosing your username and password to a secure account. The message looks like it's from a legitimate source you trust.
You click on the link and, unbeknownst to you, you install a program that records your next 100 keystrokes. The email from a trusted source was a Trojan Horse, malicious software that sends your password and user ID to the hackers.
New variants of the scam are appearing so fast that anti-virus software can't keep up, which puts you on the front line in defending yourself from attack. Perhaps the most important way to thwart an attack is by looking at links in emails before clicking.
In this popular spearphishing scam, hovering over the link in the email displays a website address that is absolutely, positively not Federal Express. And the email address from which this message was sent is plainly NOT a legitimate Federal Express dot-com account. Often the "From" address will tip you off to a fraud.
Phishing emails, until recently, were easy to spot because they commonly contained misspellings, grammatical errors and company branding mistakes. A scan of hundreds of recent phishing messages indicates fewer of these telltale signs. The scammers are getting smarter.
While the cat versus mouse game has of late been won by the evildoers, software solutions are growing stronger. For example, Microsoft Office 365 online users now have a way of designating a message as "Phishing." This new feature for "blacklisting" a malicious message prevents a scam from hitting you twice and gives Microsoft information about its origin. Of course, updating your anti-virus software is always a must. If you ever have any questions about emails you receive from us, please do not hesitate to call us.
This article was written by a professional financial journalist for McCarthy Asset Management, Inc and is not intended as legal or investment advice.