New year, new fraud emails. Also this year, email will be the favourite way for cybercrime.
Accurate text, sender similar to original, to fall into a trap is easy
The first attacks have damaged Nexi-Carta Sì and Federazione Ordini Farmacisti Italiani.
The firs one was sent from a Top Level Domain – this domain category has an .it extension and SSL certificate so it’s easy for an user to let down your guard, to click to link and to insert user and password on fake sites.
The second one is a fake PEC, a type of email that is perceived as important and for this reason you could open it and the attaches with malwares.
Trends show that cyber criminals aim to account takeover (to obtain username e password of sites) and bec (business email comprise) attacks: the email sender looks like customers, suppliers, government addresses.
How to protect yourself and your company?
Never let down your guard.
Put attention to unexpected emails.
BEC attacks pass through anti-malware systems because they haven’t a damaging software, they are very customized and look likes pretty and grammatically correct.
If you receive an email informing you about an IBAN change from a customer, phone him to ask if it’s true.
Be careful about the email address: for criminals is easy to create a similar address and to put a dot or an dash or a plural form
If you are not sure, don’t click the links
Be informed about news in cybercrime.