MailFrontier has found that UK consumers are unable to tell the difference between criminal and legitimate emails in 25% of cases. By 1st December over half a million people had taken the MailFrontier Phishing IQ Test™, including almost 73,000 UK users, with an average score of 75%. Only 4% of test takers so far have scored 100%. MailFrontier recently issued the MailFrontier Field Guide to Phishing™ to help users identify the eight key types of phish.
Vanessa Wade, general manager of EMEA for MailFrontier, explains: “The festive season represents a great opportunity for cynical fraudsters wishing to exploit novice online shoppers. Traditionally, we see a massive jump in spam and phishing in the weeks leading up to Christmas and a number of new tricks emerge.”
Techniques are increasingly sophisticated; for instance, one new email ploy sends users an invoice for a purchase they haven’t made. The message asks users to confirm or cancel the transaction by clicking on a link, and then to give their credit card details so that a refund can be processed to their card.
Users are also at risk of downloading malicious code and spyware by opening email attachments and greeting cards from friends. Wade again: “People don’t suspect emails and e-cards from friends, but they may be concealing malware, such as keylogging software which can capture passwords and financial data by tracking users’ keystrokes. It pays to be very cautious with these types of emails.”
MailFrontier has issued some simple steps for consumers hoping to stay safe:
Stay current
- Keep your system software and security applications up to date; these include your operating system and browser, and your anti-spam, anti-phishing and anti-virus applications.
- Set your browser to inform you before it downloads executable code (this is usually a default setting in newer versions).
- Only download items from web sites that you know and that are secure – be wary of the latest “Elf Bowling” game
No links
- Never click through from a link in an email – it may take you to a spoofed page
- Go to the organisation’s home page and navigate from there
No attachments
- Don’t open email attachments unless you were expecting to receive an attachment. If in doubt, call the sender.
- These may include spyware or keylogging software