Wow, some of the phishing hacks are getting smart!
While we haven’t seen this particular one ourselves yet, it’s certainly good enough to fool most people if you do see it! (so beware!)
The clue is that its emailed to you – a message like this wouldn’t come as an email, and certainly not from an IBM address – but wow, it’s really convincing! (Thanks bleepingcomputer for highlighting it)
So, how can you protect yourself from something like this? KARE for Security helps in three ways:
- Mailwashing and ATP – would have scanned the email before it came to you and tried to filter it out, so it never gets to your inbox in the first place;
- Because mail washing is never 100%, the second layer of defence is URL Reputation – this email is relatively harmless until you act on it, by clicking the embedded button. KARE for Security would check the URL link of the button against a database of safe/unsafe sites. In this case, it would intercept the action, and warn you before you actually got to the bad website; and
- Just in case the automated tools still don’t block it, then our training and awareness programmes have already give you and your users the clues on what to look out for, and you’d be too smart to fall for this!