Do you do business with American Express or Netflix
Better be on the alert. Windows Defender Security Intel has recently reported the detection of two major new phishing-style campaigns aimed at the customers of both businesses.
Recipients have been receiving emails that appear identical to official Netflix and American Express communications.
In both cases, the ultimate goal is to convince customers to hand over their credit or debit card information. Microsoft has sent a couple of different tweets out about the issue. One of them assures customers that "Machine learning and detonation-based protections in Office 365 ATP protect customers against both campaigns."
And another warned that "The Netflix campaign lures recipients into giving away credit card and SSN info using a 'Your account is on hold' email and a well-crafted payment form attached to the email."
These poison emails are extremely easy to fall for
The unfortunate truth is that emails like the ones currently in play are extremely easy to craft and very compelling. The hackers simply play on the fears of the customer, making it sound as though if they don't take immediate action they'll lose access to a valued service they've come to rely on.
There's essentially no cost to the hacker for pushing out hundreds or even thousands of emails like the ones currently being used. For each victim that falls prey to the tactic, the costs can be enormous.
Our perspective
As ever, the first best line of defense is education and awareness. In addition to that, if there's ever any question at all about the status of your account, the best thing you can do is to address the issue via another channel.
In other words, don't simply reply to the email you received. Open a new tab, look up the company's customer support number and call to verify. Doing so will tell you in short order whether the email you received was legitimate, or someone trying to separate you from your hard-earned money.
The author
Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.
Denis S Wilson
I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller healthcare practices, clinics, insurance companies, and nonprofit companies in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance.
I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs through business and professional associations.
Contact me if you would like me to speak at your meeting.
Meanwhile, check out this report
Executive Report: 10 Hidden IT Risks That Might Threaten Your Business
