How to identify spam emails and remain safe from phishing attacks
Have you received emails claiming that you have won a lottery of 500,000$ or 1 million dollars? Or have you received threatening emails, like I have, where the sender claims to know the passwords to your accounts? In this article, let us see how to avoid these emails and remain safe from the various cyber attacks that are delivered through spam emails.
I recently received an email claiming that a hacker has got access to my account and knows all of my passwords. The hacker further claims that he has installed malware on my computer and has “recorded me during my private time” (haha, nice try!). He goes on to threaten me, saying that he will leak my videos to all my contacts on social media if I do not pay the amount of money he is asking for through Bitcoins. Here is a screenshot of the exact email that I received a few weeks ago.
The password mentioned in this email is a legitimate password and I did use that particular password previously. But the password he claimed to have was changed a long time ago. So let’s break this down into the following topics:
- How did the hacker get my email and the password he claims to have?
- How to identify spam emails and prevent becoming victims to these scams?
- How to identify the source of the emails?
- How to protect yourself and remain safe from these scammers?
How did the hacker get my email and the password he claims to have?
Hackers get emails and passwords of the users from websites that have been previously hacked. A few months back, we saw reports of a major cyber attack on Air India airlines and millions of personal details of the passengers were leaked on the dark web. You can read the detailed report of that incident by clicking here. Before that, a few years ago, we heard reports of a cyber attack on Zomato where the login credentials and other personal information of users had been leaked and were available on the dark web.
Hackers can purchase these details through forums that are available on the dark web. Most of them are pretty cheap and cost just a few dollars for the details of hundreds of thousands of customers. Some websites on the dark net even make the details available for free! Forums like these are a haven for hackers. Once the hackers have collected this data, they try logging into the accounts with the usernames and passwords that were leaked. If the user has already changed the passwords, they use complex social engineering techniques to lure their victims into giving them money.
Social engineering techniques that vary from simple emails claiming you have won a lottery, to threats like the one you saw in the screenshot above, are used to target people. Some emails ask you to log in through Facebook or other accounts and give your address and other billing details along with a small amount of about 25$ or 50$ in order to receive the large sum of half a million dollars or so. The sad part is that thousands of people are becoming victims of such scams every day.
The threatening emails tend to have a better success rate in terms of social engineering, as people fear that the hacker has actually got into their computers and secretly recorded them. More often than not, the hacker is just trying his luck by threatening the victims and doesn’t have access to your accounts or your computer.
How to identify spam emails and prevent yourself from becoming a victim of these scams?
To identify spam emails, you first have to know the different types of attacks and techniques hackers use. There are different types of emails that are used for social engineering, lottery emails being the most popular. In this type of email, the sender claims that you have won a lottery for a huge sum of money (say 500,000$ or 1,000,000$) and you need to provide your personal details to claim the amount. The personal details include your name, phone number, address, bank account information and so on. The email also claims that you have to pay a small token fee (say 25$ or 50$) to process the money and transfer it to your account.
Another type of email is someone claiming to give you 50% of a huge sum of money where they transfer you the money to evade taxes. The details these types of emails collect are similar to the ones mentioned above. Another type of email claims that your account has been used to purchase some software or service on the internet. I have received emails claiming that they are from Apple and my Apple ID has been used to purchase a subscription for apps such as Hulu, Netflix, etc. Some emails claim to be from Amazon or other organisations and ask you to change your password in order to continue using their service.
These emails (the ones requiring you to log in) include links which redirect you to a phishing page, and you give the hackers your username and password by entering your login credentials on these pages. The Apple email fraud, in my case, sent me a PDF file of the purchase. Downloading these files can compromise your system and lead to hackers gaining access to your computer.
How to identify the source of the spam emails?
To identify the source of such spam emails, we can look at the message header. To do this, open the email in your Gmail inbox, click on the three vertical dots in the top right corner of the email and choose Show Original. This will open up a new tab with the heading Original Message. Here you can see a lot more information about the email, such as the sender’s IP Address, name, Email ID, the domain used to send the email and so on, as seen in the image below.
Such spam emails will most likely show SPF as neutral or failed. This means that the hacker likely used an email spoofing tool, which can send emails to others from any desired email address (even though he doesn’t own that address). Because the message did not come from a server authorised to send mail for that address’s domain, the SPF check fails. This validates that the email is spam and that the address shown as the sender did not actually send the email.
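The header check described above can also be done on the raw text that Show Original displays. The following is an added example, not part of the original article: it pulls the SPF, DKIM and DMARC verdicts, the sending IP and the sender domains out of a message. The sample message, its domains and its IP address are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample of a "Show Original" view (example domains and a
# documentation-range IP address); not a real message.
SAMPLE = """\
Delivered-To: me@example.com
Received-SPF: neutral (google.com: 203.0.113.45 is neither permitted nor denied
        by best guess record for domain of billing@bank.example)
        client-ip=203.0.113.45;
Authentication-Results: mx.google.com;
        spf=neutral smtp.mailfrom=billing@bank.example;
        dkim=none; dmarc=fail header.from=bank.example
Return-Path: <billing@bank.example>
From: "Bank Support" <billing@bank.example>
Subject: I know your password

Pay me in Bitcoin.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def analyze_headers(raw):
    msg = message_from_string(raw)
    # Collapse folded (multi-line) header values before matching.
    auth = " ".join(" ".join(msg.get_all("Authentication-Results", [])).split())
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    received_spf = " ".join((msg.get("Received-SPF") or "").split())
    ip = re.search(r"client-ip=([0-9A-Fa-f.:]+)", received_spf)
    # Fall back to the Received-SPF verdict if Authentication-Results is absent.
    spf = results.get("spf") or (received_spf.split() or ["none"])[0].lower()
    report = {
        "spf": spf,
        "dkim": results.get("dkim", "none"),
        "dmarc": results.get("dmarc", "none"),
        "client_ip": ip.group(1) if ip else None,
        "from_domain": domain_of(msg.get("From")),
        "return_path_domain": domain_of(msg.get("Return-Path")),
    }
    # Anything other than an SPF pass means the sending server was not
    # confirmed as authorised for the domain it claims to send from.
    report["suspicious"] = spf != "pass" or report["dmarc"] == "fail"
    return report

if __name__ == "__main__":
    for key, value in analyze_headers(SAMPLE).items():
        print(f"{key}: {value}")
```

Only trust the Authentication-Results header added by your own mail provider, since a sender can insert headers of their own further down the message.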
How to protect yourself and remain safe from spam emails?
One of the best ways is to identify spam emails from the subject and delete them without opening them. Emails can be embedded with trackers that notify the sender if the email has been opened. The trackers not only notify, but also share information such as the IP Address of the device that opened the email, the make and manufacturer of the device, the operating system the device is running, the location, how many times the email was opened and so on. Details such as device details and IP Address are important for the hackers. The way to stop giving them this information is by not opening the email itself.
Avoid clicking on any links in emails from untrusted sources. Emails often come with links asking you to log in to accounts. Clicking on these can redirect you to phishing pages where you give out login details without even knowing that the website is fake. Always verify which website the links point to before you enter your credentials. Phishing links can look like this – faceb00k.com instead of facebook.com, g00gle.com instead of google.com, etc.
Avoid downloading files such as pdf or exe files. These files may contain malware and create backdoors to your computers, which hackers can use to get access and control over your computer. If you have a webcam connected to your desktop PC, disconnect it when not in use. For laptops you can place a piece of tape over the webcam or use camera covers (can be bought for a cheap rate from sites like Amazon). This ensures that the webcam cannot be used to see you, even though your computer might be hacked, because you have physically covered it or disconnected it.
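The link check described above can be automated. This is an added example, not part of the original article: it extracts every link from an email's HTML body and flags look-alike domains such as faceb00k.com, as well as links whose visible text names a different site than the one they open. The trusted list, the digit-to-letter table and the sample HTML are assumptions made for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the sites you actually use; extend as needed.
TRUSTED = {"facebook.com", "google.com", "amazon.com", "apple.com"}
# Digits commonly swapped in for look-alike letters.
LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registered_domain(host):
    # Simplification: keep the last two labels (no Public Suffix List lookup).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_link(href, text=""):
    domain = registered_domain(urlparse(href).hostname or "")
    if domain in TRUSTED:
        return "ok"
    if domain.translate(LOOKALIKE) in TRUSTED:
        return "lookalike of " + domain.translate(LOOKALIKE)
    # If the visible text is itself a domain, it should match the real target.
    shown = text.split("//")[-1].split("/")[0].lower()
    if "." in shown and " " not in shown and registered_domain(shown) != domain:
        return f"text shows {registered_domain(shown)} but link goes to {domain}"
    return "unknown domain " + domain

def scan_email_html(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(href, check_link(href, text)) for href, text in parser.links]

# Constructed sample email body, not taken from a real message.
SAMPLE_HTML = ('<a href="http://faceb00k.com/login">facebook.com</a> '
               '<a href="https://www.google.com/">Google</a> '
               '<a href="http://login.secure-update.example/a">www.amazon.com</a>')
```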
Change your passwords regularly and keep complex passwords which are not common, for all your online accounts. Never reuse passwords for multiple accounts. You can use password manager tools such as LastPass or Dashlane to securely store all your passwords. For additional security, you can enable Two Factor Authentication on your accounts.
By following the simple steps mentioned above, you can keep yourself from becoming a victim of social engineering attacks and email phishing attacks. If you haven’t read my previous article on the Importance of Privacy, be sure to check it out. If you liked this article and found it useful, please consider sharing it with your friends and family and help them remain safe too.