You’ve certainly heard or read, by now, that you can’t always trust every email that you receive. Sometimes an email account can be hacked, or a lookalike created, and you might receive messages containing malware or suspicious links. Most of you are doing a good job avoiding these dangerous phony or hacked email messages.
Unfortunately, hackers are always half a step ahead of us! Surely they anticipated that widespread knowledge of online safety would prevent many emails from fake or hacked accounts from reaching their targets. So, the new method of sending malware or dangerous links involves not only hacking into an email account, but then utilizing an ongoing email conversation to do their dirty work.
For example, let’s assume you’re having the following conversation with a colleague:
Sender: Hey, what’s up? Are you attending that networking event tomorrow night?
You: Yeah, I was planning to. Are you going?
Sender: Oh, definitely. Last time I attended one of those events, I walked away with dozens of new contacts and got a few solid leads.
You: Awesome! See you there.
Sender: Can’t wait… By the way, check this out! (followed by an attachment)
You click the attachment, because you’ve been engaged with this colleague in conversation and you feel certain you’re talking to someone you know. And you were! But that last message was a hacker, who dove into an ongoing conversation and inserted a dangerous link. Now you’ve unknowingly followed it, and downloaded malware onto your computer.
This is exactly how hackers recently delivered the Gozi banking trojan virus, which provides the criminals with your financial account details.
Yes, it’s extremely sneaky and dangerous, but you can still protect yourself against conversational hijacking. Remember to hover your mouse cursor over any links in emails before clicking them, and never enter login info after following a link. Open a new tab and go to known sites directly.
As for attachments, it couldn’t hurt to pick up the phone and ask your friend if they just sent one.
It’s unfortunate that we must be ever-vigilant about our online conversations, but it’s just a fact of life in the digital era. As always, you can give us a call at 888-RING-MY-TECH if you have any questions about online security, or suspect that you’ve been compromised by malware. We can help you take care of it.