By Arthur Moses Opio
According to AAG, "Around 3.4 billion spam emails are sent every day" and this shows us that email remains the number one attack vector.
In 2022 alone, over 48% of emails sent were spam.
An email address is a unique identifier and hackers know that information through and email carries authenticity and credibility.
Looking at the the scam email above, we can see the email bams.mak.ac.ug is masked with the scammers email address info@fa.chongerports.cfd
That masking is part of the social engineering that is a key skill in the scammers world today.
The email has social engineering leads like;
- Exceeded Limit and will soon by terminated by Monday, February 3, 2025 9:52 a.m.
- Attention: You have 5 Messages Pending (This has been a trick, they have continued to use and naturally you would wonder and then rush to click thinking your storage is used up.) Our system normally alerts you automatically when email storage is about to get full.
- Your Account is suspended due to it has exceeded its storage limit.
- We request that you add storage to your account if you want to continue using.
- Failure to add storage to your account will lead to final termination.
Hackers always play the waiting game and they know that you only need to switch off a little bit for them to have a field day.
Just like a football defence can be caught sleeping, the same applies to our technology field.
You can be tired and your mind cannot process an email like this and since we are creatures of habit, we don’t take time to read the whole email and scrutinise it’s source and email headers. We just go to the embedded links and click. Just pause, stop and think.
The blue button, “Add Storage Here” has a link and once you click, you end up giving up your credentials or allow malware to run in the back of your computer without your knowledge.
Malware continues to be a big problem and it can affect your productivity.
1. Ensure your computer is up to date.
2. Avoid clicking links from suspicious sources.
3. Change your password via sso.mak.ac.ug whenever you find or feel compromised.
4. Report any suspicious activity to us for analysis.
#BeSafeOnline.
You are better off safe than sorry.