Over the past few months, we have noticed a rather continuous rise in the number of spam emails and messages with virus attachments making it through various email filters. Although this is more prevalent on local Shaw or Telus email addresses, some are even getting through to Gmail, Yahoo and iCloud inboxes

Even earlier this week I had a non-encrypted zipped trojan file in an e-mail proclaiming to be a Resume. Last week I received one claiming to be a Purchase Order. I receive both resumes and Purchase orders on a regular basis and it can be very tempting to take the bait. The amount of people coming through our doors with the same problem confirms this is on the rise!  One of the emails we received looked like this:

Please check the statement in attachment.

You may need File Password: ExPx8PKqB

Best regards

Online Scammer

Ok they didn’t sign it that way but the rest is accurate.

I can spot the scams and a lot of our customers can as well but there are still many people that come into our stores that have fallen foul to this online trickery. Other common fake emails include people pretending to be Apple, warning people of a fake breach to panic them into following the links contained in the email to reset their Apple password. Unfortunately, the website in that link may look like Apple but actually links to the spammer’s website, inviting the email recipient to volunteer their Apple ID and password, effectively delivering the keys to your apple e-store. Bogus iTunes purchases shortly follow.

So why does this happen?

There are sites where one can buy thousands of active email addresses. Also, once someone has fallen victim to one spam attack the can be flagged for future attacks by affiliate spammers. The best we can do is “train” our inboxes by marking the appropriate email addresses as Spam and being cautious in the future.

What can we do about it?

The best defense is staying vigilant when opening emails. Look at the email domain the file is coming from. If a purportedly Apple email is coming from appletech@Sli.botnet.nl then it is likely bogus. In addition, beware third-party applications that ask for access to your contact list and email when there is not the reason for the application to use this information.

This new online spam is a bigger business than the old canned spam ever was, so it pays to remember: do not open any attachments you are not expecting or look suspect, and steer clear of password reset or confirmation link you did not request. And as always, when in doubt contact My Tech Guys on 250-890-1065.

Thanks for reading!

Share This