A phishing email scam is attempting to lure recipients to malicious websites by claiming they may have left their car headlights on.
Phishing scammers can use a large array of different tricks to lure email users into clicking links that lead to dangerous websites. For example, scammers frequently pretend to be banks asking email recipients to click a link to rectify security issues, or claim to be from social media sites like Facebook alarming users by threatening to close their accounts unless they click a link to sort out an account violation.
In all those cases the scammers are using social engineering tricks to lure an email user into clicking a link that will lead to a website that will try and trick the visitor into entering personal or sensitive information.
And the same applies to this latest email that crooks are sending out targeted at office workers who might be somewhat alarmed at the prospect of leaving the office to find a car that doesn’t go anywhere.
To all employees,
Someone left their headlights on in the parking lot. An employee took a picture of the care that I’ve uploaded here. Please check to see if this car is yours, as we don’t want anyone leaving work today only to find their battery is dead!
Thanks again everyone.
Building Manager
In the email, the crook is posing as a building manager warning employees inside to click a link to what is presumably a photo of a car to check if the car belongs to them.
Sponsored Content. Continued below...
The link won’t go to an image, however. After clicking the link, visitors will be asked to login using a social media account. However the site is owned by the crooks and any login information entered into it will be sent straight to the scammers.
Here is a brief recap of our tips to help avoid and protect yourself against these types of phishing scams.
– Be wary of emails that contain little personal information and use generic greetings like “customer”.
– Watch out for poor spelling and grammar.
– Watch out for emails that emphasise a sense of urgency or seemed design into panicking recipients into clicking a link.
– Be wary of emails that don’t appear to be relevant to you. For example with the phishing scam above, you don’t work in an office block. Or an email may be from a company or bank that you have no relationship with.
– If the email seems suspicious or “off”, don’t click on any links within it.
– If you do click a link in an email and you’re asked to enter personal or sensitive information, check the URL to see if its correct.
– Use two-factor-authentication on your online accounts. This way, if you do fall for such a scam and enter your login information into a spoof website, crooks would still need an extra piece of information to access your account (for example a code sent via SMS or created by an authentication app.)
– Have good security software installed that can detect a phishing scam. Our recommended security software is discussed here.
Stay safe out here.