Email Scam Happening Now

I am shining a light on this scam in the hopes that you can avoid becoming a victim. The goal of the scammers is to gain access to your email account and create all kinds of havoc, starting with propagating the scam for the purpose of collecting even more email addresses.  They could be collecting addresses as a simple as a way to send out spam, or for more devious purposes.

The one that I have run into lately starts like this:

Email Photo

You receive an email from someone you may or may not know.  It states that there is a secure document with a link to go see the document.  It works better if you know the person.  The one I received was from a unknown person.  I would have been skeptical even if it were from someone I knew.  This particular version has a link to a Word file in the person’s OneDrive.  I have seen another that used a PDF document also in OneDrive.  The Word document has a link to another site that asks you to sign into your email account to pick up the file.

Email Scam Landing Page

Scam email Landing Page

The problem is that the site they are displaying is not your email provider.  It is a collection site.  If you attempt to sign in, you will not just get directed to a website.  Some browsers like an up-to-date Chrome will attempt to block access to the site with this:

Scam Blocked

If your browser doesn’t stop you, then the scammers have your email credentials.  From here they can send mail out to your contact list and put a document on your cloud drive.  This propagates the scam.  Here’s the scary part: once they have access to your email they can not only read anything in your email folders or look at items in your cloud storage, but could use your email address to reset other passwords around the web by using the “I forgot my passwords” anywhere your email is used as the username.

You might be thinking, “I have nothing of interest in my email account,” but if someone can gain control of your email they can jump into many other online accounts.  It’s hard to predict what the scammers may do with your information.  If they hack your business email, imagine what spam coming from your email looks like to your customers!  If you are the admin on your email system, they could take over the whole account, and put forwards or reroutes on your mail.  I have seen rules added to send all new mail to the deleted folder.  That way the owner didn’t even know they were receiving replies on all the spam their account was sending out.

How To Protect Yourself

This particular scam is using an Indian web address hosted in India, I believe.  The most important thing to ask yourself is:  Did this person really send me a confidential encrypted document?  If a log-in site looks suspicious, don’t put your credentials there.  If the person really wanted to share a document with you, the initial link to the Word or PDF document on their cloud drive would be all they needed to do.  The requirement to sign into your email account where you just received the email should be a clue as well.

Another defense against this type of scam is to use two-factor authentication with your important email accounts.  If your email is hosted with Microsoft or Google, it’s simple to turn on.  It may be available with other providers as well.  As always if you have questions or you think you have fallen victim to a scam like this, start by changing the password on your email account, then give 12 Stones Tech a call at 913-893-1123.