Email spoofing, scamming, and hacking

Aug 8, 2024

Email spoofing, scamming, and hacking, Copyright 2024 by Steve Burgess

Email domain spoofing scams

With fortunes, privacy, and identity fraud at stake, we have had a number of cases involving phishing and spoofing in the past few years and into the present where fake/spoofed domain names look almost the same as legitimate ones, but are not. They may even lead to sites that look the same as the legitimate ones, because it’s straightforward to fake a web page that the average user is unlikely to detect.

How does this work?

Someone sends you an email that looks legit, let’s say johnsmith@wellfargo.com, and it even has a logo in the signature block that looks right.

You may already have noticed, because you’re reading this article and are alert to what I’m talking about, that the domain wellfargo.com is not the same as wellsfargo.com. It’s missing the letter “s.”

In your case, it may be an invoice to be paid from what looks like a legitimate vendor, or it may be a request to sign into your account. When you click on the link in the email, it takes you to a website that looks real, at least to a busy person who wants to get this one task out of the way before getting on with a busy day. Or maybe you just weren’t wearing your reading glasses. When you sign in, you get an error going to the page you normally get when you log in to your bank account, and the perpetrator gets your real login and password. Because many people use the same password (bad idea!) for many websites, they also have your password to those same many websites.

What’s the point?

As above, it’s a way to get into your various online accounts, which often include bank, stock trading, accounting, and commercial online stores in your name. It may also be a way to steal not just your online stuff and money, but even your online persona.

We have had cases where such emails have been used to authorize millions – literally millions – of dollars in transfers to banks, in and out-of-country.

Script spoofing

What the heck is that?

That’s using letters or numbers that look like other letters or numbers in an email. It may look legit but if you answer it, they now know that it’s a live email address, and worse. They may fool you into paying a bunch of money to someone that’s not who you think it is. They’re not trying to get you to log in to a website, but rather to get you to authorize a nefarious transaction.

For instance, a Cyrillic “а” looks just about like a Roman (English) “a,” but it looks different to a browser or a mail server.

Greek and/or Cyrillic share other characters with Roman letters (English) that look the same or almost the same, but are different codes, including lower case a, o, i, u and upper case O, M, K, T, A, X, Y, H, B, E, and P.

A recent popular script spoofing scam involved citibank.com, but with the “a” being a Cyrillic “a.” Your browser is probably not going to allow you to go to the website with the alternate character, but your mail server may have no such compunctions to protect you.

How do I know whether it’s legit?

One way would be to copy the domain part of the email address (the part that comes after the “@” sign), paste it into a browser and see whether it goes to the legitimate site. At the moment, when I type in Citibank.com with the Cyrillic “a” in Firefox, I get a message that says “Check if there is a typo in xn--citibnk-6fg.com.” In Chrome, it’s a similar message. So these browsers, at least currently, are catching that it’s not the Roman (i.e., English) letter “a.”

When I do a search for Citibank with the Cyrillic “a,” both Chrome and Firefox offer, as the first listing, the real Citibank website (which is safe to visit), and as a second listing, a Wikipedia page on “IDN homograph attack,” which is an article on email addresses that have letters, such as the Cyrillic “a,” that look just like the Roman letter “a.”

(IDN, incidentally, stands for Internationalized Domain Name. I knew you wanted to know that!)
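
The same check can be done on the sender's domain before anyone clicks. The Python sketch below is an added example, not part of the original article: it converts the domain to the ASCII form that DNS sees and compares it with a short list of domains you really deal with. The allow-list, the look-alike table and the function names are assumptions made for illustration.

```python
import unicodedata

# Constructed allow-list: domains the reader really deals with (assumption).
KNOWN_GOOD = ("wellsfargo.com", "citibank.com")

# Small hand-picked subset of look-alike letters (assumption; not the full
# Unicode confusables table). Keys are Cyrillic or Greek, values are Latin.
LOOKALIKES = str.maketrans({
    "\u0430": "a", "\u043e": "o", "\u0456": "i", "\u0435": "e",
    "\u0440": "p", "\u0441": "c", "\u0445": "x", "\u0443": "y",
    "\u03bf": "o", "\u03b1": "a", "\u03c5": "u",
})

def scripts(domain):
    """Scripts of the letters in the domain, read from their Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in domain if ch.isalpha()}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(address):
    """Return (verdict, ASCII form of the domain, known domain it imitates or None)."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    ascii_form = domain.encode("idna").decode("ascii")  # the name DNS really sees
    if domain in KNOWN_GOOD:
        return ("known", ascii_form, domain)
    skeleton = domain.translate(LOOKALIKES)  # replace look-alikes with Latin letters
    if skeleton in KNOWN_GOOD:
        return ("homograph", ascii_form, skeleton)
    for good in KNOWN_GOOD:
        if edit_distance(skeleton, good) <= 1:  # one letter added, dropped or swapped
            return ("lookalike", ascii_form, good)
    if len(scripts(domain)) > 1:
        return ("mixed-script", ascii_form, None)
    return ("unknown", ascii_form, None)
```

For an address at the Citibank domain spelled with the Cyrillic “а,” the second field comes back as xn--citibnk-6fg.com, the same name Firefox shows in its warning.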

How can I avoid becoming victim to this scam?

There are a few things you can do to be safer.

  • First, and most importantly, don’t click on links in the body of emails. Type the web address into the address/search bar manually.
  • You may hover your cursor (if you’re using a computer) over the link in the email and the underlying actual link should show up. Look at it carefully to see if it is what you expect.
  • You may right-click on the link, copy it, and then paste it into a text document, to see if it is a real web address or whether the link is bogus.
  • Don’t respond to emails from users unknown to you… and even if it does look like a user known to you, like say a bank officer, make sure the domain is correct.

 

But the safest thing to do is to type the domain name or email address yourself. It’s surely a pain, but there’s a lot at stake.

Or call us – we might be able to help.

 

 
