Why do so many people still fall for email fakes?

Email fakes are still common in many people’s inboxes. This is due to the growing number of cybercrime attempts such as Phishing and Ransonware.

With the advancement of the internet, these types of scams are becoming increasingly refined and even rely on the help of Artificial Intelligence in the creation of malware, with the purpose of detecting vulnerabilities in victims’ computers.

“The advance in the use of AI to carry out cybercrimes makes it more difficult for criminals to find out, as they are constantly creating new ways to circumvent legal control and investigation tools,” said Roberta Rodrigues, chief data protection advisor at the Military Prosecutor’s Office, in a recent debate held at the Prosecutor’s Office.

Let’s take a look at the most common characteristics of email fakes.

Phishing

This is malicious software which, once installed on the user’s computer, can steal personal data for financial gain.

Thus, credit card data can be obtained to carry out transactions in the victim’s name, fake invoices can be created and so on.

Phishing senders use the names of well-known companies to make the user feel safe when carrying out any action within the email. Generally, the person is asked to click on a mailto link, which leads to malicious websites and applications.

In 2022 alone, 600 companies had their names included in phishing emails worldwide. Just to give you an example, Microsoft, Google, Apple and Adobe were some of the most used by criminals. The data comes from Statista.com.

Ransonware

Ransonware, as the name implies (ranson means ransom in Portuguese), is the crime of hijacking data for a ransom.

In the case of this scam, large companies are the criminals’ favorite because they contain third-party data.

And leaking customer and supplier data violates the statutes of Data Protection Laws around the world: ADPPA (United States), GDPR (European Community), LGPD (Brazil), among other countries that have already enacted their data protection laws. The penalties are stiff and the fines are very high.

So, to prevent Ransonware attacks, companies hire a DPO – Data Protection Officer – whose job is to guarantee an excellent level of information security within the company, through technology (IT profile), and also through legal channels, observing what can and cannot be done.

Ransonware and celebrity email fakes

Another favorite of criminals is celebrities, with the aim of exposing sensitive data to the public.

In 2020, the attack on the American law firm Grubman Shire Meiselas & Sack, which at the time served celebrities such as Madonna, Lady Gaga, Mariah Carey, among others, had confidentiality contracts and other secret information such as phone numbers and emails in the hands of Ransonware hackers.

The criminals demanded payment of US$21 million, but the amount increased to US$42 million when the law firm refused to pay.

The hackers also threatened to leak data on then President Donald Trump. However, the former president was not a client of the firm that was being threatened.

The FBI was called in to investigate but it is not known how the case ended.

And how can we, mere mortals, protect ourselves from email fakes?

Learning to identify

Be wary of anything suspicious. Very appealing subject lines, such as “Hurry up because it’s about to end” and the like, signal urgency in getting your click.

And if the urgency is so great, it means that you may not be paying attention to the details of the email. Serious marketing campaigns don’t need this kind of appeal.

Offers that are “too good to be true” are also reasons to be suspicious. To avoid falling for scams, stay vigilant!

Using antivirus

It never hurts to install a good antivirus and scan your computer regularly. If there is any malware on your computer, the antivirus will find it. And if your computer is free of viruses, you guarantee your protection against malicious software.

In the world of email marketing, email fakes have a different connotation

In the case of email marketing, email fakes have nothing to do with Phishing and Ransonware.

Disposable or temporary addresses are, for marketers, email fakes. This is because an email that only lasts a few hours becomes a bounce after it expires.

In other words, disposable emails are invalid for anyone dealing with lists containing a large volume of contacts.

Sending bulk emails must comply with a series of requirements, not only from the providers, but also from the General Data Protection Act itself.

Lists containing bounces and invalid emails are blocked, and this detonates marketing investments.

And the only way to stay away from bounces, invalid and risky emails is to check your emails frequently.

Even those who work with registration forms to generate leads should validate their lists in real time by installing the SafetyMails API.

This way, risky contacts are automatically corrected and the lists generated by the forms are clean and free of bounces.

As a result, deliverability rates reach high levels and email marketing results take off.

After all, why do so many people fall for email fakes?

Lack of attention is the main reason. In other words:

• If you receive an email with an attachment, don’t open the file.
• Companies that ask you to send personal data by email are suspect. Don’t believe “registration updates” or similar arguments.
• Change your email password frequently. And don’t forget to create a strong password.
• Keep an eye on the sender’s domain. Did you receive an email from your town hall? Go to Google and check that the domain in the email is real. Don’t click on any links!
• Received an email from an unknown sender? Don’t bother opening it. It’s spam.
• All the above guidelines apply to both personal and corporate emails. Stay vigilant!

FAQ