“My package wasn’t delivered”.
It happens more and more often these days, an email comes into your mailbox that looks genuine advising you that a certain courier had attempted to deliver your parcel, but that you weren’t in. They either attach a PDF form or ask you to click a link to reschedule. What do you do? Well, it might surprise you to know that 30% of these emails were opened last year. That is a lower number than I would have guessed, but it shows that overall we as IT users need to be more vigilant with our emails.
The nefarious characters out there who create these infected emails are constantly finding new ways to try and trick us into opening them. Their hope is that one of us might be waiting on a package or even be the right person to ask to have a large sum of money transferred.
There are many products available to limit the amount of these emails getting through to end user mailboxes and here at Leaf we offer a tailored security solution designed to detect and reject the majority of phishing emails and infected attachments. If you are a Leaf customer you will already have some form of protection in place, we are currently carrying out security reviews to show the benefits of our security suite offering.
As a user though the best thing is to be alert when checking your emails. You have a good sense of the type of emails you normally get and you will know if a package is on it’s way to your home or office. If you suspect any of your emails of not being genuine, don’t open them. Alert your relevant IT contact and give us a call so it can be investigated before it creates any problems on your local machine or servers.
Example of this type of email:
1- Check the return address (@Lexington.us?? That isn’t FedEx.)
2. There is no Trademark symbol included on the FedEx logo. (You can see the real FedEx logo in the red box.)
3. If you copy and paste the Tracking ID into the FedEx tracking sytem it won’t be recognised because it is fake.
4. If you hover over the “Print Receipt” button don’t click it. It will take you to a completely unknown url that will cause big problems.
It’s important to ensure your employees and colleagues have a high level of awareness when it comes to these kinds of attacks. We can provide bespoke security awareness training. If you are interested in booking a training session please get in touch.