CYBERSECURITY experts are warning email users to avoid clicking on malicious images contained within seemingly innocent messages.
According to email security solution company Avanan, the images are part of a new gift card phishing scam.
1
Researchers from the firm found that cybercriminals are sending fake brand emails and encouraging users to go to scam websites.
Here they’ll ask you to complete surveys to try and steal your data and financial information.
The emails are slightly different from regular scams because the bogus links are hidden behind images.
This way, it’s hard to see initially that you’re not heading to a legitimate website.
“Behind the picture is the URL—even legitimate brand pictures link to a page.
“Most marketing emails work that way. There will be a nice-looking promotional image, and the link will go to the intended page,” the Avanan blog states.
The researchers gave two examples of scams that mention Delta and Kohl’s.
They wrote: ” The intended page has nothing to do with Delta or Kohl’s and everything to do with stealing your information.”
Most read in News Tech
The bogus Delta email encourages recipients to click on an image with the false promise of winning a $1,000 gift card.
Cybercriminals also use this image trick to avoid URL filters that most big email brands use.
The blog explains: ” It’ll look clean if they aren’t scanning within the image.
“This is a fairly common method. Often, hackers will happily link a file, image, or QR code to something malicious.”
HOW TO AVOID A PHISHING SCAM
Firstly, you should be thorough when checking who the email is from.
Even if it looks official, double-check the email and look for any spelling mistakes or slight abnormalities in the sender’s email address.
Never feel pressurised into opening an attachment and avoid clicking the phrase “enable content.”
You should also be wary of links in emails.
If you’re certain an email you have received is a scam, report it to your email provider and delete it.
