There are only two days to go before the red roses arrive, you get a box of chocolates, are taken out for a meal and treated to a night of passion (well, we hope so!). You may therefore want to start preparing. Maybe get a nice dress or a swanky new suit so you can look at your best.
You should also prepare for the onslaught of spam and phishing emails that are likely to be heading your way. Cyber criminals, spammers and scammers have fallen in love with St. Valentine’s Day. They take advantage of the human need to be loved and send out just the type of email people are hoping to receive.
Unfortunately, if you respond, you will not be treated to a night of passion and you will not discover a new secret admirer. You are likely to have malware installed or your bank account emptied.
Beware of scam emails and St. Valentine’s social media scams
In years gone by, scammers primarily used email or the telephone to fraudulently obtain money from the unwary or gullible. The meteoric rise in popularity of social media networks has given criminals a much easier opportunity to make money. There are phishing scams aplenty on social media networks.
However, email continues to work well for the scammers. Many people look for ways to save money on St. Valentine’s Day, and respond to emails offering discounts on flowers, chocolates, gifts, and holidays.
Spam emails typically sent by criminals tend to have subject lines such as “Will you be my Valentine?”, “Valentine’s Day Jewelry”, and “Cheap Flowers for Valentine’s Day”. The same subject lines that could possibly be sent by legitimate retailers or potential lovers. This is why the emails are opened by so many people.
In March, 2010, the results of a new study were published by the Messaging Anti-Abuse Working Group. The study looked at why people fall for email scams. The study was conducted on 3,716 individuals and they were asked questions about their response to spam email.
In some cases, it was not a failure to identify an email as spam that resulted in the email being opened, but because the recipient was genuinely interested in the products or services being offered. 11% of respondents opened the messages, knowing that the email was spam and 15% of those individuals did so because they liked the sound of the offer or product.
Scammers are aware that a percentage of their emails will be opened, and also that many people will respond and disclose information. The more emails that can be sent, the bigger the response will be and the more money will be made. The volume of spam emails being sent is therefore unlikely to decrease. The only thing that will stop the emails is when it is no longer profitable to send them.
How to avoid becoming a victim of a scam or phishing campaign this Valentine’s Day
Businesses need to be particularly wary this Valentine’s Day. If these malicious emails are delivered to employees’ inboxes, a percentage (11% according to the study) of those employees will open them. Many may visit malicious websites as a result – a link to a malicious website offering cut price jewelry with free next day delivery. They may even open malware-infected attachments – a JPEG picture of an admirer for example that is really a cunningly masked executable file.
By installing a spam filter with an anti-phishing component, the vast majority of these emails will be caught and quarantined and, if one does get through, the user will be prevented from visiting a malicious website. In the case of SpamTitan, 99.97% of those emails can be blocked. This is one of the best steps that can be taken to protect networks from malware delivered via email.
Additional protections include:
- Instructing employees how to identify a phishing attack, and teaching best practices to follow to avoid compromising a network or becoming a victim of a scam.
- Develop a culture of security awareness. Get employees to stop and think before taking an action and always to suspect that an email may be a phishing attack
- Never to unsubscribe from an email mailing list they haven’t joined. The email can be marked as junk and all future emails will be delivered to the spam folder, or caught in an Anti-Spam filter if one has been installed
- If an offer is interesting enough to warrant a response, contact the company via its official website or use the telephone. The contact details can be found in the phone book or through the search engines. Do not contact the company using the details supplied in the email
- Keep all Anti-Virus, Anti-Malware, and Anti-Spam definitions up to date
- Tell staff not to trust any unsolicited email they receive