Phishing, Ransomware, and the Most Dangerous Emails You Can Receive

malware (2)The cybercriminal of 2001 has grown up, brushed up on his English grammar, and updated his programming abilities. According to the RSA’s online fraud report released in January of 2013,  more phishing attacks target the U.S. than any other country. According to the Internet Policy Committee, there were well over 123,000 unique phishing attacks last year.

And it all starts with a few clever thieves and carefully-constructed email campaigns.

1. Spear Phishing

It’s not just a sport for fearless islanders anymore. Spear Phishing refers to phishing–trying to extract compromising/valuable information–from specific industry sectors. According to the FBI’s report on new e-scams, sometimes these phishing emails contain accurate information about you, their chosen victim, to make the messages appear more credible. They’ve usually gathered this information through other intrusion methods or by stalking you via social media.

To avoid this scam, the FBI warns professionals that banks and other reputable companies will never ask for sensitive personal information via email. Almost all phishing scams are preventable, so long as you avoid links sent in emails, and don’t send personal information to any company through email. If you receive a notification that your account information needs to be updated, go directly to the website rather than following a link.

2. Ransomware

Ransomware is a new type of malware that is installed on PC’s when users least expect it–usually on a drive-by website that computer users are often directed to via email. After the ransomware is installed, it directs the victim to pay a $300 “ransom” so they can access their computers again. The threat? That you’ll lose everything on your hard drive. The solution, however, isn’t an easy fix; there is no simple key to “unlock” the ransomware in order to access your files or unlock your computer.

If your computer is infected with ransomware, don’t pay the requested ransom. File a report of the incursion at and take your computer to an expert who can remove the malware.

3. Cries for Help

You get an email from a friend who claims to be penniless and stranded in Siberia. Or you’ve fallen in love with a Romanian princess who wants to meet you, but she needs you to wire her money for airfare. There are as many versions of this email scam as there are thieves, as’s blog warns.

If you get an email from a “stranded” friend, contact that friend through another form of communication to ensure the email is legitimate, before wiring them money. Never send cash to Romanian princesses that you haven’t met or talked to in person.

The best ways to stay safe online include educating yourself on the threats, keeping your computer up-to-date on reliable antivirus software, and potentially investing in an identity theft service, such as LifeLock, that works to prevent phishers from taking your information.

4. Ransomware for OS X

Thieves are also developing a new version of ransomware targeting Mac OS X users. This program opens window after window in the web browser; cyber scammers hope that the victim will pay the ransom before realizing that they’re just seeing frame after frame of the same message in their web browser.

To avoid ransomware, be careful of the sites you visit. Don’t visit links in emails from unknown or unfamiliar senders. If your computer has already been infected, the easiest way to get around Mountainlion’s version of ransomware is to click on the Safari menu and hit “Restart Safari.” When Safari is reopening, you can hold the shift key to ensure it doesn’t reopen the same windows that it closed.

Steve Hawkins Show logoOn November 11, 2013, we covered this posting during the weekly business radio show, “It’s Your Business.”  The show was broadcast on Supertalk 92.9, WFHG.  Content: Thanks to Social Monsters.  This article contains content and anecdotal stories from The Guinn Consultancy Group, Inc. client files and from the personal experiences of Alan Guinn, Managing Director.

Leave a Reply