Recently we got a Scam of the Week email from our partners at KnowB4 that blew our minds SO MUCH we just had to share:
If you try logging in to an account, but get a “wrong password” error what do you do? You’ll probably try typing the same password again. But if that doesn’t work do you try another one of your passwords? Then another, and another? Cybercriminals have a clever new scam that takes advantage of this exact behavior.
You receive an email with a link to view an important document. If you click the link, the document looks blurred-out and is covered by a fake Adobe PDF login page. If you enter your email and password, you’ll get an error stating that your password is invalid. This page allows you to try a few more times before eventually blocking you from viewing the document. But the truth is, there was never a document to view. Instead, the cybercriminals saved your email address and every password you tried to use. They can use this information to try to log in as you on other websites.
(A note from the Exclamation Team: it's surprisingly easy to make something that looks legit. Our designer, Pam, whipped this image up so fast it made us feel a little icky. Fortunately, we totally trust Pam. )
Don’t be fooled! Remember these tips:
Remember that any site, brand, or service can be spoofed.
Never click a link in an email that you were not expecting. If you’re not sure, reach out to the sender by phone to confirm the legitimacy of the email.
Always use a password that is unique to that specific account. This way, if your credentials are stolen, the cybercriminals can’t access your accounts on other websites.
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team
About The Exclamation Team: We're a group of multi-talented, multi-discipline, multi-tasking experts in IT and Marketing. When we’re not focused on helping one of our credit union or business clients take things to the next level, we’re probably creating something new and cool to share with the world. You can follow the Exclamation Team on Facebook, Twitter, LinkedIn, and Instagram.