If you follow LinkedIn, or use Google Mail, (that’s probably about 90% of us) you’ve probably heard about this latest phishing scam. It made its way to my OTELCO inbox yesterday.
I received an invitation to view a document in Google Docs from a person I know at the Bangor Daily News. In my position, Marketing and Public Relations, a relationship with the paper is part of the job. With the Maine legislature in session addressing numerous telecom bills, I assumed the invitation was to view something related to that.
When I hovered over the link – something you should always do before opening anything in an unexpected email – it looked legitimate, and there was no “.exe” or other file extensions that would indicate a malicious executable file that was likely to infect my computer.
So, I clicked on the link and ended up at a page that asked permission to connect to my contacts.
BIG RED FLAG!
I clicked on the ‘Don’t Allow’ button and nothing happened. Thankfully!
Had I clicked on the ‘Allow’ button, I would have been a victim of this phishing scam and would have allowed the collection of all my Google contacts. Then they would have received the bogus email from me.
Pay Attention to Things You Probably Ignore
Something else I noticed while creating the graphic was the email address in the ‘To:’ line; it’s not mine. During a busy day, if an email ends up in your inbox, how often do you even look at that line, you just assume your address is there.
People are used to hitting that ‘Allow’ button to share their location and other info to supposedly improve their online experience, so it’s not surprising that this thing spread like wildfire before Google put a stop to it by blocking the site.
Don’t Let Phishing Scams Scam You
- Don’t open links in unexpected emails
- If your curiosity gets the best of you, hover over the link and be sure it doesn’t look like an executable file
- If you DO go ahead and click on the link, NEVER allow the site to get any of your information
For more about phishing scams and protecting your privacy and security, read about Internet Scams in our community newsletter. Lifewire also has some great information and resources about protecting yourself from phishing scams and malicious links.
Training your staff to be on the lookout for malicious emails is critical, but ensuring your own network security is the other half of the equation. OTELCO Cloud and Managed Services has partnered with Arctic Wolf to offer Security as a Service. This security solution can protect your network from the harmful malware hidden in phishing emails. To learn more about Managed Services and the security benefits they can offer your company, download OTELCO’s free Managed IT Guide.