Criminals trick people in many ways, but just how far will a cybercriminal go?
My friend had a huge panic this morning. She’s woken up and gone through her usual Monday morning routine before she set off for university, only something has alarmed her.
She was finishing off some left-over work when she spotted a strange email pop up in the corner of her screen. What’s alerted her to this email is the fact it appears to be from herself, the email has the exact same display name and the email address is the same.
When reading through the email it appears to be written by someone else. She immediately thinks her account has been hacked.
Understandably she begins to panic, the email describes how the person has ‘hacked’ her mailbox and informs her that all her data has been stolen. The email goes on to describe how there is a virus on her Macs operating system and that changing the password will not solve anything as they will intercept any changes made.
If that wasn’t alarming enough, it even tried to prove the hack was real by telling her what her account password is!
Her first thought is to call her IT friend for help. She sends me a screenshot of the email which even alerts me, I also immediately think of the worst.
At this moment the worst thing you can do is panic, remember that panicking is exactly what a cybercriminal wants you to do. You don’t think properly when you’re stressed and worrying for the worst.
I calm her down, reassuring her that everything will be ok. I ask her to forward the email to me, so I can take a better look and I ask her if the password presented in the email is her current password, she tells me it’s an old password that she changed months ago.
She begins to panic a little more, she begins to think that her account had been hacked for months.
Luckily, I was able to spot that it was all fake rather quickly. As soon as I got the email I hovered my mouse of the apparent sender’s address and found it to not be hers, her address had been spoofed.
Spoofing is a common trick used by criminals where they make their address appear legitimate by copying another. In this instance the criminal copied my friends address and sent her an email to make her think they had hacked her account.
This doesn’t quite explain how they were able to tell her what her old password was, but there are ways to find out…
Most credentials are stolen in breaches and sold on the dark web, using the site https://haveibeenpwned.com/ you can find out if your email had been victim in a cyber breach. When checking my friends address I found that her address had been victim to 5 cyber breaches, which is likely how the criminal got her old password. She was smart (and lucky) to have changed her password since then.
There was another link within the email, the criminal was telling my friend to click the link and pay for her Mac to be restored to normal. Luckily she did not click on the link, as it was a download for a piece of malicious malware. My suspicions say it was likely ransomware.
Ransomware locks up all your data and encrypts it, making it completely useless unless a correct key is provided to decrypt it. To get the key, victims are told to pay a ransom however it is highly unlikely that paying the ransom will get your files back.
To reassure her that everything was going to be ok, I ran a full antivirus scan on her Mac and changed her passwords on her main accounts once more as a precaution. I also permanently deleted the email. She was able to go to University with no worries at all.
My friends story puts into perspective the cruel lengths that cybercriminals will go to to manipulate people into clicking on dangerous links and attachments or providing sensitive information. Criminals don’t care about their victims, they just take their chances at a pay-out!
The success rate of ransomware did seem to have died down in the first half of 2018, however there has been a sharp rise in its success in the third quarter of the year. The likely reason for this is because criminals are creating new ways to trick their targets. Whether it’s tricking, threatening or scare mongering, they’ll go to any length to get what they want!
*The external websites linked in this blog are not provided by Hallidays IT and we are not responsible for the content on them. The use of any software or links from this website are done so at your own risk, Hallidays cannot be held responsible or liable for any damages and/or losses that may result by following them. At the time of writing this blog the links were checked and working correctly and pose no threat.