There has been a surge in emails which are disguised to appear as if it is coming from organisations you know like bank, email providers like Yahoo or Google, Amazon, Facebook, insurance company, school, university, other places that you may be familiar with and already have an account. Their aim is to pretend they are that well known party so that you either:
- Download a file and run it. The file name is generally disguised to look like a .pdf but it is actually a executable file which will make changes in your computer. For example, file - mybankaccountstatement.pdf.exe.
- Click on a link in the email, which leads you to a fake page that resembles the login page or home page of the bank, school, university, email, social media etc, you try to login into this fake page and they collect all the login information you enter, Then they can use that login information to enter the real website and defraud or harm you.
The solution is simple:
- Before you click a link or download, ensure that it is from a known contact and it really is from the bank. Even after that, make sure the page you are entering your information in, is hosted on the expected domain. The file being downloaded is a pdf, doc or xls file.
- Enter information in a secure website only, in others, just view information don't enter any information.
- Have a paid version of good anti-virus solution and keep it updated for Windows / keep your Mac fully updated.