SubdoMailing
Picture this: You’re going about your day, checking your emails, when suddenly you see a message from a company you trust.
You think, “Great! That’s safe to read”. But hold on just one minute… this email is not what it seems.
It’s part of yet another scam created by cybercriminals to trick you into clicking malicious links or giving up sensitive information. As dangerous as it sounds, it’s called “SubdoMailing.”
What’s the deal?
Just like regular phishing attacks, cybercriminals pretend to be trusted brands.
But here’s how it works: These cybercriminals scour the internet for subdomains of reputable companies. Do you know those extra bits in a web address before the main domain? For example, experience.trustedbrand.com. That ‘experience’ bit is the subdomain.
They find a subdomain that the brand is no longer using, but it still points to an external domain that is no longer registered.
Then, they buy the domain and set up the scam website.
So, you believe you’re clicking on experience.trustedbrand.com… but you have no idea it automatically redirects to scamwebsite.com.
The criminals are sending out five million emails a day targeting people in businesses just like yours.
Because these emails seem to come from a legitimate source, they often sail right past the usual security checks and land in your inbox.
Here’s our advice to keep you and your data safe and sound:
- Be wary of any emails that seem even remotely suspicious. If something looks fishy, it probably is.
- Before clicking on any links or downloading any attachments, take a moment to verify the sender. Look for red flags like spelling mistakes or unusual email addresses.
- Make sure your employees understand the latest phishing tactics and know how to spot a scam. A little knowledge goes a long way in keeping your company safe.
- Consider investing in top-notch security software to keep cybercriminals at bay. It might seem like an extra expense, but trust us, it’s worth it.