Cybercriminals are at it again, with the latest popular phishing scam that involves victims clicking on images sent to them via email that are riddled with malware. A report from the Israeli security firm Check Point Harmony Email reveals this new technique that hackers are using. Here are all the details we know and how to avoid becoming the next victim of these vicious attacks.
How are hackers pursuing this new phishing technique?
Typically, when a hacker sends out a phishing email, it will consist of a link that the victim is urged to click on, which will lead them to a phishing website (often disguised as a legit site like Amazon), where they are urged to hand over their personal information. However, this technique has hackers using images instead of links.
Phishing messages can be spotted more easily if you read carefully, because there are typically spelling and grammar errors in them. By using only images, hackers can avoid these mistakes and instead urge victims to click on the image that will take them to the phishing website. These are stereotypically large promotional images that one might see in an advertising email from a company like Best Buy, Kohl’s or other large retailers, so victims may not second guess it right away. However, once the image is clicked on, victims are taken to phishing sites that are designed to steal passwords and other sensitive information.
How are hackers getting people to click on the images?
Although the image is the main focus, there is always persuasion involved when it comes to phishing scams. The way that these scammers are getting people to click on these images is by tempting them with special perks from big retailers. They will claim that you can win gift cards, loyalty points and more by clicking the images, and those who jump in too quickly end up getting scammed.
How can I avoid being scammed like this?
There are a few precautionary steps that you should keep in mind whenever you open any email, even if you think it’s from someone you trust. Here are some of my tips.
Check the sender’s address
If you’re receiving an email that’s claiming to be from a major company like Walmart or Delta, look closely at the sender’s email. You can easily use your trusted search engine to look up the real email address for these companies and if the email you got doesn’t match that address, then you’ll know it’s a scam.
Don’t click links or open attachments
If you get an email from an unknown sender, and it has links, attachments, or in this case, images that you’re being urged to click on, this is a big red flag. This is one of the main ways that scammers will lead their victims to phishing websites, so make sure you’re not just blindly trusting the sender and clicking on whatever they’re offering you.
Don’t let your emotions get the best of you
When you’re checking your email, it’s really important to remember that hackers and scammers often use sneaky tactics to trick you. One common trick is to create a sense of urgency, hoping that you’ll panic and click on their malicious links or respond to their phishing emails without thinking. So, the key here is to stay calm and not let your emotions get the better of you. By keeping a cool head and being aware of these tricks, you can avoid falling into their traps and protect yourself from their schemes.
Enable two-factor authentication
Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
Have strong antivirus software
Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information.
See my expert review of the best antivirus protection for your Windows, Mac, Android and iOS devices by heading to CyberGuy.com/LockUpYourTech.
Kurt’s key takeaways
Cybercriminals are now using images instead of links in their phishing emails to deceive us and lead us to malicious websites. To avoid becoming a victim of these scams, it’s crucial to carefully check the sender’s email address, refrain from clicking on suspicious links or attachments, and stay calm to avoid falling into the hackers’ traps. By staying vigilant and following these steps, you can protect yourself from these vicious attacks and safeguard your personal information.
What more could these big retailers be doing to prevent scammers from impersonating them in phishing attacks? Let us know by writing us at CyberGuy.com/Contact.
For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to CyberGuy.com/Newsletter.
Copyright 2023 CyberGuy.com. All rights reserved.