Don’t be tricked into clicking on that email image

Don’t be tricked into clicking on that email image

Make sure you know how to protect yourself from this image phishing scam

by Kurt Knutsson

Cybercriminals are at it again with the latest popular phishing scam that involves victims clicking on images sent to them via email that are riddled with malware. A report from the Israeli security firm Check Point Harmony Email reveals this new technique that hackers are using. I’m going to go over all the details we know and how to avoid becoming the next victim of these vicious attacks.

 

How are hackers pursuing this new phishing technique?

Typically, when a hacker sends out a phishing email, it will consist of a link that the victim is urged to click on, which will lead them to a phishing website (often disguised as a legit site like Amazon) where they are urged to hand over their personal information. However, this technique has hackers using images instead of links.

phishing email

Phishing messages can be spotted more easily if you read carefully because there are typically spelling and grammar errors in them. By using only images, hackers can avoid these mistakes and instead urge victims to click on the image that will take them to the phishing website. These are stereotypically large promotional images that one might see in an advertising email from a company like Best Buy, Kohl’s, or another large retailer, so victims may not second guess it right away. However, once the image is clicked on, victims are taken to phishing sites that are designed to steal passwords and other sensitive information.

 

MORE: MASSIVE CYBERATTACK STRIKES MILLIONS: ARE YOU AT RISK? 

 

How are hackers getting people to click on the images?

Although the image is the main focus, there is always persuasion involved when it comes to phishing scams. The way that these scammers are getting people to click on these images is by tempting them with special perks from big retailers. They will claim that you can win gift cards, loyalty points, and more by clicking the images, and those who jump in too quickly end up getting scammed.

1-PHISHING SCAM ON PHONE

 

How can I avoid being scammed like this?

There are a few precautionary steps that you should keep in mind whenever you open any email, even if you think it’s from someone you trust. Here are some of my tips.

2-STRESSED WOMAN ON COMPUTER

Check the sender’s address

If you’re receiving an email that’s claiming to be from a major company like Walmart or Delta, look closely at the sender’s email. You can easily use your trusted search engine to look up the real email address for these companies and if the email you got doesn’t match that address, then you’ll know it’s a scam.

 

MORE: THOUSANDS OF IMPOSTER WEBSITES DISCOVERED MIMICKING TOP BRANDS TO STEAL YOUR BANKING INFO

 

Don’t click links or open attachments

If you get an email from an unknown sender and it has links, attachments, or in this case, images that you’re being urged to click on, this is a big red flag. This is one of the main ways that scammers will lead their victims to phishing websites, so make sure you’re not just blindly trusting the sender and clicking on whatever they’re offering you.

3-SHOCKED MAN ON COMPUTER

Don’t let your emotions get the best of you

When you’re checking your email, it’s really important to remember that hackers and scammers often use sneaky tactics to trick you. One common trick is to create a sense of urgency, hoping that you’ll panic and click on their malicious links or respond to their phishing emails without thinking. So, the key here is to stay calm and not let your emotions get the better of you. By keeping a cool head and being aware of these tricks, you can avoid falling into their traps and protect yourself from their schemes.

 

Enable two-factor authentication

Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.

 

Have good antivirus software

Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information.

Special for CyberGuy Readers:  My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Best Antivirus Protection 2024

 

Kurt’s key takeaways

Cybercriminals are now using images instead of links in their phishing emails to deceive us and lead us to malicious websites. To avoid becoming a victim of these scams, it’s crucial to carefully check the sender’s email address, refrain from clicking on suspicious links or attachments, and stay calm to avoid falling into the hackers’ traps. By staying vigilant and following these steps, you can protect yourself from these vicious attacks and safeguard your personal information.

What more could these big retailers be doing to prevent scammers from impersonating them in phishing attacks? Let us know by commenting below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Related:

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

33 comments

Carol Covato July 9, 2023 - 7:04 am

I got a text yesterday claiming I had left 2,753$ of a compensation payout unclaimed and to “click here” to claim my money. I wasn’t falling for it so I got rid of text.

Reply
Wayne July 9, 2023 - 8:19 am

Hi Kurt: I enjoy your emails explaining how we can use technology. One thing I have not seen is a simple way to see
who is really sending an email. ALL YOU HAVE TO DO IS: “PUT THE MOUSE CURSOR OVER THE SENDER’ S NAME
AND THE REAL SENDER’s address will appear.” Thanks for all the help.

Reply
Kurt Knutsson
Kurt Knutsson July 9, 2023 - 10:08 am

Hi Wayne, please see our article here or here to show you what I mean about putting the mouse cursor over the sender’s name. You can also sometimes just see the email address next to the name in the from field at the top depending on your email client. Also be sure to see in my links above how to reveal the underlying real link of a button or link you’d be clicking on.

Reply
Bill Slawson July 9, 2023 - 8:59 am

I receive a lot of E-mail s from, or say they’re from Harbor Freight, Home Depot etc.; telling me that they will give me a $300 Pressure Washer, if I just click on a link to answer a survey. And the return E-mail address doesn’t match their company, but looks like some vague marketing company. Tempting to fill out a survey to get a free $300 gift right? But I am not clicking on anything like that

Reply
Tony Hatch July 9, 2023 - 11:10 pm

Here in the UK we tend to receive scam emails and texts from the Post Office concerning undelivered parcels with links! Also included are emails purporting to be from PayPal, eBay, Amazon etc! I regularly warn people to be on the lookout for these by checking the email address, spelling mistakes, attachments etc! emailchecker.net is fantastic for checking whether an email address is registered as ‘Good or Bad!’.

Reply

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder