News

News

The Top four types of Email Spam

The Top four types of Email Spam

Every day, hundreds of thousands of scam emails flow into the inboxes of users worldwide. While it’s painfully obvious that some are completely fraudulent, phishing emails – particularly those targeted at businesses – are becoming much more sophisticated, and increasing numbers of users are being tricked into sharing valuable company information.

1. SPAM
Not necessarily malicious, but it is illegal in Australia. SPAM is repetitive, unsolicited emails which the recipient hasn’t requested to receive.

There are two origins of SPAM emails. SPAM which comes from spammers themselves and SPAM which originates from computers infected with a virus or worm that are sending out bulk emails. This is the type which tends to be malicious.

2. Phishing
This is a type of scam intended to trick you into entering personal information like usernames or passwords or credit card details. The best way to identify a phishing email is to look at the from address and verify that it’s real. This can be difficult when the domain (the bit after the @) is similar to the legitimate version. But a quick message to the genuine sender (don’t reply directly to the suspicious email!) can verify if it’s legitimate rather quickly.

3. Business email compromise/fraud
A real looking email address can be set harvested from social networks. Scammers can now easily address your finance department on first name terms, using an account with your real name and real picture. Or alternatively, gain access to the real account through a phishing campaign, letting them send emails from there.

Emails requesting urgent funds or an invoice to be paid or notification of a change of banking detals. Of course, the bank account they ask you to send the money to is owned by the scammer.

4. Spoofing
Spoofing involves forging email headers so that emails appear to originate from a genuinely legitimate source. Not to be confused with setting up a similar address. Spoofing is where a scammer tricks the email server into genuinely thinking that an email came from who the scammer says it did.

Spoofing is a common technique used by hackers and can occur in many forms. But the most common is to try and use the authority of their disguise to trick users into visiting a malicious website or downloading a malicious file. The emails are very convincing and difficult to detect as fake.