City businesses have been hit with a spam phishing email.
We have been alerted that businesses holding a City of Gig Harbor endorsement have been sent an email instructing them to renew their business license. This email did NOT come from the City of Gig Harbor. Our business license function is through the State of Washington. The phishing email is coming from overseas.
More information on Phishing / Spam:
Adam Kujawa, Director of Malwarebytes Labs, says of phishing emails: “Phishing is the simplest kind of cyberattack and, at the same time, the most dangerous and effective. That is because it attacks the most vulnerable and powerful computer on the planet: the human mind.”
Phishing emails trick victims into giving up sensitive information, e.g. website logins, and credit card info, by way of social engineering and email spoofing. Spoofed emails mimic, or spoof, an email from a legitimate sender, demanding some sort of action. Well executed spoofs will contain familiar branding and content, and sound urgent—even threatening. Common phishing ploys include:
- A request for payment of an outstanding invoice.
- A request to reset your password or verify your account.
- Verification of purchases you never made.
- A request for updated billing information.
By tricking us into giving up valuable information, cybercriminals are able to hack the online services we use every day without any real technological savvy. To put it another way, why pick the lock when you can just steal the key?
Malspam is any kind of malware spread via spam. Much like advance-fee and phishing emails, malspam relies on social engineering to trick recipients into taking some kind of action, often against our better judgment, like clicking a download link, or opening an attachment contained in the email that infects your computer with malware.
In either case, these downloads and attachments often come in the form of Word, PowerPoint or PDF files with malicious code hidden in the scripts/macros (i.e. automated tasks). When the document is opened the scripts run, retrieving the malware payload from the command and control (C&C) servers run by the cybercriminals.
Malware payloads vary greatly. The malware payload may enslave your computer into a botnet for the purposes of sending out more spam. More often than not the payload will be a Trojan. As we noted in our Cybercrime Tactics and Techniques Report, the majority of malware attacks in 2018 for both businesses and consumers were identified as Trojans of some kind.
Banking Trojans, for example, are designed to steal sensitive financial information off your computer. And in an interesting twist, some Trojans, e.g. Emotet and TrickBot, are now being used as a delivery mechanism for other malware, like ransomware, adware, spyware, or cryptojackers.