Imagine this: It is a normal day in the office and you are checking your emails. Then suddenly you see a message from a company you trust. You open it thinking it is safe to read…but hold on…this email is not what it seems. It is part of yet another scam created by cyber criminals to trick you into clicking malicious links or giving up sensitive info.

This is called ‘SubdoMailing’. This might not sound too threatening, but it really is. Just like regular phishing attacks, cyber criminals pretend to be trusted brands. These cyber criminals scour the internet for subdomains of reputable companies. This is the extra bits in a web address that come before the main domain, such as, experience.trustedbrand.com. The ‘experience’ part is the subdomain. They find a subdomain that the brand is no longer using and is still directing to an external domain that is no longer registered.

They then buy the domain and set up a scam website. This makes it look like you are clicking on the trusted brands website but in reality, you are heading for a scam.

The criminals are sending out 5 million emails a day targeting people in businebsses just like yours. Furthermore, because these emails look like they are coming from a legit source they often sail past the security check and land safely in your inbox.

Here is our advice to keep you and your data safe:

• Be wary of any emails that seem even remotely suspicious. If something looks fishy, it probably is.
• Before clicking on any links or downloading any attachments, take a moment to verify the sender. Look for red flags like spelling mistakes or unusual email addresses.
• Make sure your employees understand the latest phishing tactics and know how to spot a scam. A little knowledge goes a long way in keeping your company safe.
• Consider investing in top notch security software to keep the cyber criminals at bay. It might seem like an extra expense, but it is worth it.

If you have any concerns or questions, feel free to get in touch.

Here is a guide that dives a bit deeper