Your email didn’t expire, it’s just another sneaky scam

It’s hard to ignore the rise of phishing scams these days; they seem to pop up in our inboxes with alarming frequency. As we become more aware of these deceptive tactics, scammers are also upping their game, using increasingly sophisticated methods to lure in unsuspecting victims.

One particularly sneaky tactic involves impersonating a help desk or support team. You might receive an email claiming that your Microsoft 365 account is set to expire today. The goal? To create a sense of panic and urgency, prompting you to act quickly without thinking.

 

 

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

 

 

How can you tell if it is a scam email?

It’s easy to see why people fall prey to these sorts of tactics because scammers do a relatively good job of making these scam emails appear professional and legitimate. They go as far as to change the contact information of the email sender to something legitimate like an actual helpdesk or IT department or business.

Upon further examination of the email sender’s contact information, you can see that the domain address of the actual email address is different and random. For example, the name in the ‘From’ field of the email may read from helpdesk, but if you click on the contact information to view the email address, it will have a domain from @magicpin.in, @gmail.com or @hotmail.com, etc. If it’s an email supposedly from Microsoft, you’d expect the domain to be microsoft.com.

 

DON’T CLICK THAT LINK! HOW TO SPOT AND PREVENT PHISHING ATTACKS IN YOUR INBOX

 

How are victims exploited by these types of scams?

Getting a ‘fake’ email may seem relatively benign, but it can be a slippery slope to identity theft and fraud. Below are ways in which scammers take advantage of their victims with these phishing email scams:

1) Email validation: By opening the email or engaging with the email (clicking a link or responding to it), you can validate that the email account they messaged is active. Oftentimes, scammers randomly email people who’s email address they’ve gotten from data breaches, the dark web, or data harvesting.

2) Information gathering: If you reply to the email or use any other contact information they provide to ‘reinstate’ your account, it will validate that the email address they reached out to is active and they will likely hard-sell you for financial and personal information. If you call any phone number they provide you, they will also connect your phone number with your email address so they can continue to update their information on you.

3) Malware distribution: They will often have buttons, links, or attachments included in the email. If you click the attachment, it can download a malware or virus to your device. If you click on a link that’s provided in the email, it might take you to a website that will collect your personal and financial information or download malware or viruses to your device.

 

SNEAKY SCAMMERS DRAIN BANK ACCOUNT IN SINISTER PHONE PHISHING SCHEME

 

What should you do if you receive these types of phishing emails?

There are a few easy steps you can take if you receive an email you suspect is a phishing scam.

1) Do not click on any links or buttons and do not download or open any attachments: This helps prevent malware installation and protects your personal information.

2) Do not reply or reach out to these scammers by email or phone: Engaging with them can confirm your email address is active, leading to more scams.

3) If your email client allows it, you can block the sender and report it as a phishing email: This action helps protect yourself and others by alerting your email provider to malicious activity.

4) Verify the email’s legitimacy by checking the official website of the organization: Directly accessing your account ensures you receive accurate information without falling for fake notifications.

5) If two-factor authentication is offered for your account, enable it: 2FA adds an extra layer of security, making it harder for scammers to gain access even if they have your password.

6) Invest in personal data removal services:

Special for CyberGuy Readers (60% off): 190+ data brokers 3 emails, 3 home addresses and 3 phone numbers

 

 

HOW TO STOP PROMOTIONAL EMAILS WHERE YOU CAN’T UNSUBSCRIBE

 

 

Kurt’s key takeaways

Phishing scams are becoming increasingly sophisticated, but staying informed and vigilant can significantly reduce your risk. By adopting good digital habits and following the tips we’ve shared, you can navigate the online world with confidence. Remember, awareness is your best defense—so keep sharing this knowledge with friends and family to help protect everyone from these deceptive tactics.

What’s the most unusual or clever phishing attempt you’ve encountered, and how did you recognize it as a scam? Let us know in the comments below.

FOR MORE OF MY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Related posts

Chinese hackers target US telecoms: What you need to know to protect your data

Unbeatable Holiday deals extended

7 must-have apps to save big this holiday season

1 comment

Robert W. November 13, 2024 - 10:21 am
The current phishing scam I've seen most recently is infected REAL websites, where a popover ad comes up and warns that "blah blah blah" (site you are viewing for news, etc) has as a "public service" has detected that your PDF viewing capability has (either) expired, been compromised, infected or removed - and you need to click the link in the ad to obtain a working PDF viewer for your phone. Some even try telling you "do this now before your Android system fails". And this is happening at MAJOR websites (chicagotribune.com is one that when my wife is there and this happens she used to think it actually came from the newspaper) so it is not a "random thing" or only "sketchy" websites
Add Comment