Phishing, spear phishing, whaling... email spoofing? How to spot a fake.
What is Phishing/Email spoofing?
Email spoofing is the forgery of an email so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a popular tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate or familiar source.
What is Whaling?
Beyond typical “phishing” attempts to what’s known as “whaling”: sending fraudulent communications that appear to be from a church’s pastor or a denomination’s leader — in other words, from the “big fish.”
Here is a great visual example from Tech Target on the differences.
The intention of the attacker is to trick their victims into:
Clicking on hyperlinks to take over the victim's computer and/or steal user credentials
Opening a file attachment to install ransomware or other malicious code on the victim's computer
Making money transfers, or paying fake invoices
Purchasing gift cards and transmitting the claim code on the back
A common tactic scammers use is to send emails using the display name of someone within the organization and an external email address*. Some users won't notice that the email didn't come from the user with the display name and deal with the email as if it was genuine.
Example: Rev John Doe <firstname.lastname@example.org>
*Note: St. Matthew's clergy and staff will never email you and ask you to text or email gift card codes. Always call the office to verify if you receive an email message you're unsure of. 703-430-2121.
Other methods rely on tricking the eye by using a domain name that looks like a trusted source. Purchasing domains that are similar to the ones impersonated is a common strategy that is often used in phishing attacks.
Example: Rev John Doe <father.Joe@ParishNJ.com>
These types of attacks are especially successful when viewed on a mobile device since most phone-based email programs don't allow users to hover over links or to see the full email headers.
THINKS TO CHECK:
Check the "From" address line in the email. If you receive an email from a sender that you may be familiar with, always remember to check the "From" address line to make sure that the email is coming from a legitimate source. If viewing the email from a smartphone and you have suspicions of where the email originated from, open the message up in an email client on your computer to view the email domain name.
Beware of urgent language. These emails oftentimes come with a sense of urgency. Phishers, in particular, tend to use this, attempting to elicit panic in their victims. A frazzled and fearful victim can be more apt to follow instructions in the email. (St. Matthew's will NEVER send you an urgent email directly asking an individual for funds, gift cards, help. Always call the office to verify if you receive an email message you're unsure of 703-430-2121.)
Look for generic language. Scam emails often contain generic language and/or greetings that could apply to anyone receiving the message.
Avoid clicking suspicious links or downloading suspicious attachments. Cybercriminals will usually create a spoofed webpage where you will be directed to enter your credentials or bank account information.
Be careful of unexpected, out of character emails. When receiving a message, ask yourself if this is normal communication from the sender by confirming that the wording and signature of the message are consistent with other emails from the same sender.
Learn how to read and understand email headers. Viewing who the message was really sent from - an email header is a block of information about the message that includes the sender, the recipient, the date, time stamps and the server the email was sent from. Here is a great article on how to find, view and understand email headers.
What do you do if you have been sent an email spoof/phishing/whaling email?
Do NOT reply to the email or click on any links
Go to Gmail Help and fill out the form: HERE to file a complaint/notify Gmail.
Call the office at 703-430-2121 ASAP (do not forward the email)
Verify all of your protection software, updates and passwords are up to date
Click here to read the original blog post from St. Joseph Parish in NJ