You’ve probably received plenty of spam emails from someone you’ve never met, asking you to click on a link. Clicking those links will install viruses or malware on your computer unless you have an antivirus program blocking that from happening. This process is called phishing (pronounced fishing), because cybercriminals will put hundreds of thousands of these emails out into the wild every day and hope that someone will ‘bite’ by clicking on it. Most people have learned by this point to avoid emails that look suspicious.
Unfortunately, people sending these emails know that they’re mostly ignored at this point. To increase the likelihood that you’ll click on their emails, they’re boosting their efforts to look like a trustworthy source – Google. As dangerous as phishing is, it can be almost impossible to detect if the sender uses this type of camouflage. A couple of recent examples of this:
- Spam was recently spotted coming from ɢoogle.com – note that the G in Google looks funny. That’s because it’s not a normal G – the spammer was sending the emails from a domain name that used a small ‘G’ to trick people into thinking they were the multibillion dollar giant. This trick has also been used with Russian alphabet characters.
If you can’t tell the difference between GOOGLE and GOOGLE, you’re just like everyone else, and you could be a target for this trick. (By the way, the difference is the first O in GOOGLE – it’s a Latin O in the first word and a Cyrillic O in the second.)
- Google Docs has also been used to trick people. An email from someone you know appears in your inbox, sharing (which seems like) a Google Docs document. If you click “Open in Docs”, a request to allow access to your Google account appears.
Unfortunately, your account information isn’t being shared with Google, but instead is being shared with a spammer who created a fake program called “Google Doc”. The program then uses your email address to mail the fake Google Docs document to everyone in your inbox. In this way, it spreads to everyone with a Gmail account very quickly.
These phishing tricks are getting increasingly harder to spot. For business users, the best way to avoid these is to rely on a product like Cisco Umbrella, which uses artificial intelligence to learn within minutes that these links are malware and block users from clicking on them. Whether you have this protection or not, it never hurts to ask “is there any reason for me to be receiving this email?” If there isn’t, check in with the person who supposedly emailed it before opening it. Not only will you protect your own computer, you might be letting that person know that their email account has been compromised and is emailing malware to everyone in their address book!
Do you want to learn more about how to secure your business network? Call WingSwept at 919-779-0954 or contact us at Team_WingSwept@WingSwept.com and ask about our Managed Services!