TitanHQ Blog

Beware Valentines Day Phishing Attacks.

Posted by C Henry on Mon, Feb 13th, 2017

Scammers want to get close to you this Valentine's Day. Phishing scams always rise during the holidays and  Valentine’s Day is no exception. Valentine’s Day offers spammers and scammers the perfect opportunity to lure people into opening their wallets or giving away  personal information under the deceptive guise of love. 

Scammers will send massive email campaigns to dupe victims into handing over personal information.  If you get a Valentine’s Day email from someone you don’t know, do not click on anything.  Don’t follow the link.  For instance, you may get an email asking you to confirm your recent order from a fake online florist. Organised cyber criminals send out thousands of emails to unsuspecting victims and  create fake florist websites specifically for the purposes of phishing. 

Here are some tell-tale signs of a phishing email:

1. Does the sender name EXACTLY match other emails from the same party? If not, it could be packing malware.

2. If you're asked to reply with confidential data, be suspicious. A legitimate business will not ask for your username and/or password or to click a link to change your password. 

3. The offer seems to good to be true.  Remember that even if you know the sender, the sender’s address book could have been hijacked and used to disseminate phishing emails.

4. The email threatens you with dire consequences if you do not comply:

“Your computer has a virus” – This is a trick in email and website pop-up advertisements. You are asked to download a “security package” to combat the virus. Unfortunately, rogue security programs are one of the most common sources of malware infection. Ignore warnings about malware from any source except your verified antimalware program.
The email asks for “urgent” or “immediate” action, particularly involving financial transactions – This is how The Scoular Co. lost $17.2 million. Confirm any such requests  by telephone or, better yet, in person. Check with managers at your company before clicking on or replying to such emails.

5. An email contains an attachment that purports to be an order confirmation or receipt.   Think: have you ordered anything from that company? If so, do past emails have the same format and look? It is better in general to access information on an official website than to click links in an email or download an email attachment.

6. The email has an attachment with some non-standard document extension - attachments are a major source of infection. A standard document extension for Microsoft Office would be one ending in .docx , xlsx, or .pptx. These should be OK. But if the extension ends “m” (for macro), the document contains some embedded code that may execute when you open the document. Any Adobe Reader .pdf or zip file .zip document can contain malicious website links or malicious JavaScript files that could unleash a malware infection. The best advice is to check with the sender before downloading an attachment.

7. The sender’s email address does not seem to match the contents - Does it make sense that an email from UPS would come from an address such as j.shi@jung.com? Probably not. How about from no.reply@up.s.com? Notice the periods. This is not from UPS, it is from up.s. The "from" address in an email can be faked. Do not assume that if it comes from a known address that it is legitimate.

8. The wording of the email is awkward. – Does the content appear to be proper English (or whatever language it should be)? 

Quick Tips:

•    Use only trustworthy and reliable websites for online shopping and sending e-cards to your loved ones. 
•    Make sure your anti spam, antivirus and anti malware solutions are up to date! 
•    Don’t click on links within emails when you’re not sure of the sender . Do not open an email you were not expecting or an email from a sender you do not recognise. Always be very careful of suspicious emails and links. 
•    Never enter your personal information on a page you don’t know or trust. And always check the URL to make sure you’re not on a phishing site.
•    Only sign in to your online accounts when your 100% certain that you’re on the right site – always check the URL is correct. 

Cybercriminals are very good at varying their scams to  suit the current season. Whatever your romantic status, don’t fall for these common traps that are sure to pop up this Valentine’s Day.

You may be interested in this article on email spoofing, a tool often used by spammers to spread phishing campaigns GO TO ARTICLE.

Never Miss a Blog Post

Sign-up for email updates...

Get Your 30 Day FREE Trial

Talk to Our Email and DNS Security Team

Call us on USA +1 813 304 2544 or IRL +353 91 545555

Contact Us