Search
Close this search box.

SubdoMailing Phishing Alert

Could This Be the Most Perilous Phishing Scam Yet?

Imagine this scenario: You’re going about your day, casually checking your emails, when suddenly you come across a message from a reputable company you trust.

Your initial thought is, “Excellent! This must be safe to open.” But pause for just a moment… this email isn’t as innocent as it appears.

It’s actually part of a sophisticated scam orchestrated by cyber criminals, designed to lure you into clicking on malicious links or divulging sensitive information. This deceitful scheme is known as “SubdoMailing,” and it’s every bit as treacherous as it sounds.

What’s the deal?

Much like conventional phishing attacks, cyber criminals masquerade as trusted brands.

However, here’s the twist: These cunning individuals scour the vast expanse of the internet for subdomains associated with reputable companies. You know, those additional segments in a web address that precede the main domain? For instance, consider “experience.trustedbrand.com.” In this case, ‘experience’ constitutes the subdomain.

They pinpoint a subdomain that the brand has ceased using, yet still directs to an external domain that’s no longer registered.

Next, they acquire the domain and establish the fraudulent website.

So, when you innocently click on “experience.trustedbrand.com,” you’re oblivious to the fact that it seamlessly redirects to “scamwebsite.com.”

These criminals are dispatching a staggering five million emails per day, targeting people in businesses just like yours.

Moreover, since these emails appear to originate from a reputable source, they often circumvent routine security checks and infiltrate your inbox undetected.

So here is our advice to protect you and your data:

Exercise caution with any emails that raise even the slightest suspicion. If something seems wrong, the chances are it is.

Prior to clicking on any links or downloading attachments, look for red flags – download our free guide on email security here to help identify these.

Take a moment to authenticate the sender.  Watch out for tell-tale signs such as spelling errors or unusual email addresses.

Educate your employees on the latest phishing tactics and equip them with the skills to spot a scam. A little knowledge can go a long way in safeguarding your company.

Consider investing in top-tier security solutions to protect your data and fortify your defences against cyber criminals. While it may entail an additional expense, rest assured, it’s a worthwhile investment

We assist businesses like yours in staying secure. Need to train your employees? We can do that too.

If you’re not 100% confident that you’re fully protected… We are here to help. Get in touch

Book a call today to discuss how we can supply dedicated IT Services to support your business