SPAM – A Nuisance Until It Becomes A Disaster.

Who amongst us doesn’t receive 10’s if not 100’s of SPAM emails every day, week or month? SPAM is annoying, time-wasting, a lunch-time destroyer, efficiency assassin and a disaster in the making! Yes, SPAM is a potential Disaster lurking in the deep caves of your mailbox!

Some people believe that SPAM is a simple email they get rid of with a click! Unfortunately, it’s not that simple. SPAM is a very generic word for an unsolicited email attempt to gain personal information using different methods including playing on human emotions. Don’t get me wrong, I understand the emotions behind the need and desire to help a person in need. Replying to emails isn’t the way to do so!

I have dealt with so many different SPAM emails, it’s crazy! From the Microsoft Office 365 “Account Disabled” emails to the CRA offering me my refund <3 by clicking a very simple and “secure” link! Having witnessed the number of malicious emails I have, I can tell you they are getting very, very good at disguising as legitimate emails! I have seen a very believable eTransfer email and have already written a short article dissecting it (You can read it here).

There are other malicious emails you need to be aware of! Phishing emails are one big part of what we support engineers try to block. A Phishing email is one that tries to trick you into providing your personal information. Whether the information pertains to your Personal Identification Information (such as your SIN, drivers’ license number, passport number, …etc.), financial information or corporate access information (to list a few).

Here are some notable, public and unfortunately successful Phishing attempts:

  1. Canadian city falls for phishing scheme: https://www.cbc.ca/news/canada/hamilton/city-of-burlington-falls-for-503-000-phishing-scheme-1.5174695
  2. Canadian university falls for phishing scheme (the bulk of the money was recovered, doesn’t change the fact the phishing scheme was successful): https://www.cbc.ca/news/canada/edmonton/macewan-university-recovers-most-of-11-8m-online-phishing-scam-1.4604729

Ransomware usually creeps into a network when a person clicks on a link of an infected website :(. Here are very notable and public articles that have occurred as a result of a ransomware infection (to list a few):

  1. Canadian town hit with ransomware: https://www.cbc.ca/amp/1.5170951
  2. American city hit with ransomware: https://www.wbaltv.com/article/baltimore-city-network-email-outages/27395392
  3. Canadian town hit with ransomware: https://barrie.ctvnews.ca/wasaga-beach-pays-ransom-following-computer-system-hacking-1.4026570
  4. Canadian university hit with ransomware: https://www.cbc.ca/news/canada/calgary/samsam-ransomware-attack-university-calgary-1.4924568

Please note some of the articles I referenced are older articles. The truth remains the same. A threat occurred successfully resulting in major financial and PR damage. My goal is to show Phishing, SPAM, Ransomware and other email and cyber threats are not only pointed at SMBs. They are pointed at people. People from anywhere and everywhere! Scammers don’t pick and choose (unless they spear target an entity or person).

I posted about how to protect your network. In my professional opinion, user awareness is the # 1 way to protect your network. Train your staff on how to detect potential email scams. Train your technical team on how to better manage email filters. Train executives on how to detect potential email scams (yes, executives!).

Be careful. Train everyone with access to your network to ensure something that was never on your radar doesn’t become a nightmare.