As technology grows, so do threats targeting more and more individuals and enterprises nowadays. Spam and phishing have been around since the beginning of internet, when spammers and scammers (mind the difference) saw an opportunity in moving their operations online and profiting off their victims. In most cases spammers are just looking to sell a low-quality or counterfeit product, while scammers are mostly responsible for white-collar crimes.
Spam, a.k.a unsolicited bulk email or just “junk mail”, stands for multiple emails sent by one “spammer” to a list of email addresses. In the early days of spam, and also today, its purpose was to sell a certain product by sending as many advertising emails to as many recipients as it could. Today spam is also used to spread malware of various strains such as spyware or ransomware
Though spammers may get your email from a repository such as Pastebin, forums, social media, various websites or just marketers who sell your email address are just as important as public repositories. Sometimes bogus companies or services sell your email as part of a huge list to spammers or other marketers, and as frustrating as this may be, there’s little to nothing you can do about it.
Phishing scams usually try to trick you into giving away your personal information, such as addresses, login credentials, credit card information on so on. Cloaked as legitimate emails from a company, they usually request your information to be sent back to them by replying to the email or by just clicking a link where you fill out some forms. Links within phishing emails often lead to legitimate website look-alikes that are in fact fake websites specially crafted to trick victims.
Now another nasty type of scam is spear-phishing which targets well-known individuals with the goal of gaining high-valued information.
Spear-phishing is used to get login information of businesses, such as system administration login credentials, access to some customer lists, internal documents or confidential research information. Spear-phishing requires a cyber-criminal to be very skilled in social engineering techniques so as to leverage them to his advantage.
- Spam usually tries to sell something.
- Spam is a way to perform a phishing scam.
- Phishing tricks you into giving sensitive details.
- Spear Phishing tries to trick high-valued targets.
- Banks never demand your personal or credit card information over email or phone.
- Spear-phishing relies on your basic emotion. Fear and joy. Usually it’s too good to be true or just bad enough to freak you out.
Got some weird emails and you don’t know what to do?
- First of all, contact the company directly via the phone number listed on their official website (not from the email!), or just go to one of their locations.
- Log in to your specific account and see if the information you received via email was sent by that company or service.
- Research the company online, but try not to use the information you got in your email. Just search for the name, other information should be present on their website.
- Ensure to deploy a professional email security solution.