As you all know, hackers are always up to no good. Today I would like to tell you a real-life story about someone who was caught up in an email spoof hack.
This person has their email spoofed, but it was not even their email! The sender added an extra “s” to the email address! Without the sharp eye of the receiving party, things could have gotten very bad!
See, this email was to a bank. The sender was claiming to be the individual who held an account at that bank. The sender wanted the bank to wire an extraordinary amount of money to someone for them. Now, the account holder is not new to wiring money, and in the amount requested. The banker did a great deal of scrutinizing over the request because something seemed off.
Thank goodness they did such due diligence! It could have gotten very bad for the account holder! When the banker looked back at the emails in question, they noticed the extra “s”!
The great news is, this banker saved the day. The bad news is, this can happen to anyone! I’m not talking just an email to the bank. I am talking an invoice sent to you from Amazon or your water company. That extra “s” can easily be looked over.
Think about it. If you get an email from [email protected], would you not think it was legit?
Look at that address again…
The “O” was replaced with a zero! At first blush, it looks legit!
Moral of this story is, make sure you scrutinize over any invoice, password reset request, or log-on link that comes in your email. Especially unsolicited.