It happens everyday to receive junk emails from websites or newsletter that we do not subscribed or advertising from vendors that you do not even know.
In order to protect us from common malware, here are the most common channels and threats:
Spam: the classical junk emails. It is the massive send of email to a huge amount of email addresses for advertising purposes. It cannot be excluded the possibility of malware or dangerous downloads related to the junk email. There are different useful settings, for instance, in Outlook, right-clicking on a junk email you can manually label it as spam email and you will not receive inbox emails from that address anymore.
Phishing: this is a real fraud against personal data. By clicking on a link related to the email, the user will enter its personal data in a very accurate website that can resemble an official website, for instance your bank website. Giving personal data, the attacker receive important information and can use login data to access bank accounts.
The solution? Never login by clicking a link in an email. You better visit the official website from a browser and complete the login using only the official websites.
Spear Phishing: this is a phishing technique that scam companies. The objective of this technique is to extort money from popular companies. Employees receive an email with malware attached, that resemble relevant business documents. At this point, the fraud is in the company and using the malware company data and personal data are stolen. It is crucial to promote IT security programs in companies, in order to educate and learn how to avoid malware.
Drive-by Download: when an email has dangerous downloads attached, but this technique can also be present using browsers or apps. In the case of emails, a drive-by download can be included in banners or any other possible clicking area. It is crucial to download only from certified and official websites.
What can you do to protect your mailbox? Here are our tips:
1. Activate an Anti-Spam service in order to automatically filter emails and recognize junk emails. Junk emails will not appear in the inbox anymore, once they are labeled as inappropriate emails.
2. if you receive a different email, maybe the graphic elements are not as they usually are, you must check the domain of the sender and literally check that is a reliable domain (for instance, user@vertigoconsultng is different from user@vertigoconsulting). Especially in business environments, it is important to inform your IT support team and ask to check the reliability of the domain if you are not 100% sure.
3. Unsubscribe from the newsletters you are not interested in. At the bottom of the newsletter email, there is often an "unsubscribe" button or "change your preferences" option. Once you click on these links, a page will be displayed: do not give any personal data, but only your email should be required in order to unsubscribe.
If you realize that you are attacked, the best behavior is to ask for IT support as soon as possible, so that the IT team can activate internal procedures to minimize the risk and maintain IT security in the company