Don’t be fooled by “phishing” emails
Yesterday an article appeared in the Toronto Star about an email extortion scam that a number of clients have called or emailed us about over the last couple of months.
Generally the emails being received go something like:
“We saw what you were looking at online. Send money to a bitcoin account or else we will email all of your contacts with what you did.”
The email may look like it is coming from your own email address, and to make it extra convincing, it may even have one your passwords in it.*
An email that appears to come from a company’s president, cfo, or other executive is sent to someone in accounting with instructions to make a special payment to a person or company.
Both of these are ‘phishing’ emails. They are not directly targeted to you, and the senders don’t know who you are. They send millions of these emails out and some percentage of people fall for them, making it a lucrative business.
Don’t fall for them. And don’t click on any links in them.
If you have a question about a suspicious email you’ve received feel free to contact us or your local IT provider.
* How did they get your old password?
There have been many account hacks over recent years, think Home Depot, LinkedIn, MySpace and others. All of those stolen passwords are available on the internet, and can be bought by the bad guys. If you use the same password on more than one account (most people do), there is a chance you could still be using the password they have purchased.
You can check if your email address exists in the stolen password databases at https://haveibeenpwned.com, an Australian security company.