Spoofing victims are typically targeted with a deceptive email which is guised as being sent from a genuine and trusted source – such as a request from the victim’s bank or communications service provider.
The email requests the victim to perform some action such as opening an attachment or clicking a link which downloads and installs malware.
To minimise the possibility of being a victim of such techniques:
- Use a spam filter which will block the majority of unsolicited emails from ever making it to your inbox;
- Always verify the email address of the sender – not just the sender’s name;
- If you receive an email from a person you know but the content of the email seems suspicious, do not reply. Contact that person separately;
- Do not open any attachments from senders you don’t know or are not expecting;
- Do not click any links before verifying where the link will take you;
- Never provide sensitive information on a website unless you are sure that the website is a legitimate one and has legitimate reasons to ask for such information;
- Train your staff in how to recognise common impersonation tactics.
- Make sure you are not redirected – i.e. you are unknowingly taken to a different website which has an identical design to the one you are expecting;
As part of the Cyber Security Malta, Tech.mt collaborates with the Malta Information Technology Agency (MITA) and the Malta Digital Innovation Authority (MDIA) to deliver educational video episodes about Security in the Digital Economy towards a safer future.