Recent News

Identity Protection Tips: Email Safety

Email is a common target for malicious hackers. Two of the more common techniques they use to compromise email are business email compromise and malicious document attachments.

Business Email Compromise

 The FBI describes Business Email Compromise, or BEC, as a financially-motivated and often sophisticated scam carried out by organized crime organizations. The technique involves impersonating a trusted party, then using that position of trust to convince an employee to transfer funds or sensitive data to the attacker. Some common scenarios described by the FBI’s Internet Crime Complaint Center include:

  • Scammer imitates a company executive, or an actual business partner
  • Requests a funds transfer, or sensitive data. Often Employee tax records (W-2 scam)

Malicious Attachments

The second common technique is malicious attachments emailed to a target. These are usually less sophisticated and not tailored to a specific person, but rather the same email is copied to many different people. A recent example:

  • Subject: legally binding contract
  • Attachment: contract_#####.doc

By default, Microsoft Office is configured to open emailed documents in Protected View – a mode that disables any malicious macros contained in the documents. If you click on the attachment, you will likely be prompted to disable Protected View so the attachment can download full-fledged malware to your PC.

How to Avoid these Scams:

  • Pay attention to the “from” address of an email – is it instead of
  • If you reply to a message, pay attention to the “TO” field. A scam email may show “” as the sender, but change to the hackers address when you reply.

Email may appear to come from the boss’ personal email address – does the CEO typically send business-critical messages from a personal account? If email originates from an account not commonly used for business, confirm through another method that the request is legitimate (here are additional tips to combat BEC). ere aerUse

  • When viewing Microsoft Office attachments, keep the document in Protected View to prevent malicious macros from running. Be particularly suspicious of any document that instructs you to “enable editing” or “enable content” or “enable macros”.

Exercising caution when opening and responding to emails is a critical step in protecting your personal information from identity theft and other scams.

Leave a Reply

Your email address will not be published. Required fields are marked *

[wds_resources_posts hide_posted_on="" featured_posts_only="" ignore_post="8640" hide_featured_image="" tag_location="below_title" post_type="post" term_comparision="ALL" resource_cat="" resource_tag="" post_cat="" post_tag="" heading="Recent News" subheading=""]

Recent News

CAN-SPAM Gives Email a Makeover

In today’s digital world, email is one of the main ways we contact each other. 14 years ago, Congress signed a set of rules called the CAN-SPAM Act designed to protect consumer privacy and limit the amount and type of unsolicited marketing messages they receive.

Have You Heard of Smishing?

Jackie here. Have you been smished? You’ve heard of phishing, hacking, and spoofing, but we’re guessing that you may not have heard of smishing. This threat isn’t new, it has been used for several years now, but it is becoming more common. Here’s what you need to know to protect yourself. What Is Smishing? Smishing […]