Email Malware: Impersonation Becomes Primary Deployment Method

When you receive emails from friends or work colleagues on your phone, how much attention do you give to their email addresses? If you’re like some, probably none whatsoever. After all, with mobile email, it doesn’t show the person’s email address just their name. And this is what hackers want to bank on. Now, they are using social engineering to trick people into deploying email malware.

Their New Trick

It’s easy for hackers to spoof messages because all they have to do is change the email address. So, while the display name might read that the messages are coming from your boss, if you’re on your phone, there’s a high likelihood you won’t be checking the email address.

From there, the messages are simple enough. For companies, it’s normally the CEO or a member of the leadership team sending a message. What makes this different from other deployments is you won’t have a call to action right away. With other scammers, they tend to bank on knee-jerk reactions where you’ll click on an attachment or link to install the malware.

The new trick works differently by using social engineering and impersonation, according to ZDNet. Therefore, it’s hard to spot because most of the time we’re reading email, responding, and moving on quickly without a passing thought.

With this deployment, hackers might send multiple messages in hopes of communicating with you. And the more they communicate, the more you might feel this is just a regular conversation. Then, they’ll ask you for something.

Perhaps, it’s to move money around if you’re in finance or to download a new app or tool with a link attachment. Since it seems like you’re doing what your boss tells you to do, you comply. And by sending money or clicking on the link, you create a scenario whereby the hackers can steal company money or deploy malware.

Once infected on one device, it could spread throughout the company, crippling operations and creating quite the pickle. So, how do you avoid this new form of email malware?

Email Malware Prevention Tips

Similar to other malware proposals, it’s important to take a step back and think before responding. For instance, if the hacker pretends to be your company’s CEO and asks you to move a significant sum of money, that would raise some questions. Questions you might want to address directly through phone or in person.

Moreover, it’s important to develop a communications plan that’s proactive in ferreting these behaviors out. One way to achieve this is to pay close attention to the subtexts of the message. Chances are you’ve spoken to these people before and understand their personalities. So, if you receive messages that don’t match up in tone and cadence to what you’re used to seeing from them, it might be a good idea to double check with them to see if they sent that message.

Lastly, being aware of current email malware deployment trends can help you become mindful of the behaviors hackers employ. While it won’t eliminate all risk, education and communication can go a long way to mitigate it.

Meanwhile, if you or your company experienced a data breach, we can help. Our team of data recovery experts has extracted files from devices for a wide variety of reasons from email malware to hardware failure.

What’s more, we’ll provide you with a free quote so you discover the best solutions for you without any obligations. Contact SALAVAGEDATA today to learn more.