Is this the most dangerous phishing scam yet?

Picture this: You’re going about your day, checking your emails, when suddenly you see a message from a company you trust.

You think, “Great! That’s safe to read”. But hold on just one minute… this email is not what it seems.

It’s part of yet another scam created by cyber criminals to trick you into clicking malicious links or giving up sensitive info. It’s called “SubdoMailing,” and it’s as dangerous as it sounds.

What’s the deal?

Just like regular phishing attacks, cyber criminals pretend to be trusted brands.

But here’s how it works: These cyber criminals scour the internet for subdomains of reputable companies. You know those extra bits in a web address that come before the main domain? Such as experience.trustedbrand.com. That ‘experience’ bit is the subdomain.

They find a subdomain that the brand is no longer using and is still pointing to an external domain that’s no longer registered.

Then they buy the domain and set up the scam website.

So, you believe you’re clicking on experience.trustedbrand.com… but you have no idea it automatically redirects to scamwebsite.com.

The criminals are sending out five million emails a day targeting people in businesses just like yours.

And because these emails are coming from what seems like a legit source, they often sail right past usual security checks and land in your inbox.

Here’s our advice to keep you and your data safe and sound:

  • Be wary of any emails that seem even remotely suspicious. If something looks fishy, it probably is.
  • Before clicking on any links or downloading any attachments, take a moment to verify the sender. Look for red flags like spelling mistakes or unusual email addresses.
  • Make sure your employees understand the latest phishing tactics and know how to spot a scam. A little knowledge goes a long way in keeping your company safe.
  • Consider investing in top-notch security software to keep the cyber criminals at bay. It might seem like an extra expense, but trust us, it’s worth it.

As always, if you need help with this or any other aspect of your email security, get in touch.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

Related Posts

Free malware ransomware scam vector

Don’t Risk It! Why You Shouldn’t Skip Vulnerability Assessments

Cyber threats are a perpetual reality for business owners. Hackers are constantly innovating. They devise new ways to exploit vulnerabilities in computer systems and networks. For businesses of all sizes, a proactive approach to cybersecurity is essential. One of the most crucial elements of this approach is regular vulnerability assessments. A vulnerability assessment is a

Free cybersecurity lock encryption vector

7 Common Pitfalls When Adopting Zero Trust Security

Zero Trust security is rapidly transforming the cybersecurity landscape. It moves away from traditional perimeter-based security models. In this approach, every connection attempt is continuously verified before granting resource access. 56% of global organizations say adopting Zero Trust is a “Top” or “High” priority. This approach offers significant security advantages. But the transition process presents

a man sitting at a table writing on a notebook

4 Ways Small Businesses Can Leverage Copilot for Microsoft 365

What are some of the key differentiators that can propel small businesses forward? They include efficiency, productivity, and innovation. Microsoft has expanded the availability of one of its most dynamic tools to SMBs. A tool that can be a real game-changer for growth. Copilot for Microsoft 365 is a powerful new addition to the M365