Preying on quick decisions…pay attention!
I was travelling recently to our nation’s capital for a security conference (there’ll be another article on this topic) and most of my means of communications was through my mobile device. I was quickly scanning my emails when the following LinkedIn invitation came through:
Most enterprise organizations have fairly sophisticated email filters today but the odd phishing, malware-link infested message does find its way through. When I receive a suspicious email, I typically look at the telltale signs of a fraudulent email – do I know the sender, who is it being sent to, do I recognize the organization. As you can see from the screenshot above, all of the basic checks passed. Our security awareness training teaches people to hover over the links to see where you’re actually connecting to. However, on a mobile device, it’s not quite as easy - with all our fancy touch screens it’s sometimes difficult to select a hyperlink and browse the final destination. I was able to determine the final destination of the hyperlink via my handheld but it made me wonder, would other people be so diligent?
Remember the good old days when some prince in Africa wanted to transfer funds and the email body was written in horrible English and the sender would be some bizarre fellow with a name you’d never heard of. Today’s email phishing attacks and malware link laden emails are getting quite sophisticated – pay attention…you never know when an email such as this finds itself in your inbox.