Published Monday, September 17, 2018 at: 7:00 AM EDT
The Russian conspiracy to meddle in the 2016 presidential campaign relied on a common scam called "spearphishing." While the history-making scam may sound sophisticated, this form of digital fraud is running rampant. Anyone using email is likely to be attacked these days. Here are some tips to protect yourself.
In a spearphishing attack, a hacker sends you an email message to trick you into disclosing your username and password to a secure account. The message looks like it's from a legitimate source you trust.
You click on the link and, unbeknownst to you, you install a program that records your next 100 keystrokes. The email from a trusted source was a Trojan Horse, malicious software that sends your password and user ID to the hackers.
New variants of the scam are appearing so fast that anti-virus software can't keep up, which puts you on the front line in defending yourself from attack. Perhaps the most important way to thwart an attack is by looking at links in emails before clicking.
In this popular spearphishing scam, hovering over the link in the email displays a website address that is absolutely, positively not Federal Express. And the email address from which this message was sent is plainly NOT a legitimate Federal Express dot-com account. Often the "From" address will tip you off to a fraud.
Phishing emails, until recently, were easy to spot because they commonly contained misspellings, grammatical errors and company branding mistakes. A scan of hundreds of recent phishing messages indicates fewer of these telltale signs. The scammers are getting smarter.
While the cat versus mouse game has of late been won by the evildoers, software solutions are growing stronger. For example, Microsoft Office 365 online users now have a way of designating a message as "Phishing." This new feature for "blacklisting" a malicious message prevents a scam from hitting you twice and gives Microsoft information about its origin. Of course, updating your anti-virus software is always a must. If you ever have any questions about emails you receive from us, please do not hesitate to call us.
This article was written by a professional financial journalist for Advisor Products and is not intended as legal or investment advice.
This site is only intended for clients and interested investors residing in states and countries in which Ball & Company, Inc. is qualified to conduct investment advisory services. Ball & Company, Inc. is an SEC registered investment adviser located in Thousand Oaks, CA. Ball & Company, Inc. may only transact business in those states or countries in which it is registered, or qualifies for an exemption or exclusion from registration requirements. For non-clients of the firm, Ball & Company, Inc.'s website is limited to the dissemination of general information pertaining to its investment advisory services. Please contact Ball & Company, Inc. at 805-376-2779 to find out if we may conduct advisory business in the state or country where you reside. Accordingly, Ball & Company, Inc. does not, and will not, effect or attempt to effect transactions in securities, or the rendering of personalized investment advice for compensation, through this website. Any subsequent, direct communication with a prospective client shall be conducted by a Ball & Company, Inc. representative who is either registered or qualifies for an exemption or exclusion from registration in the state or country where the prospective client resides.