The other day I received an email from my pastor, which is not unusual; I'm fairly active in my church and we do occasionally communicate electronically. What struck me as odd was the email itself. This email is below:
How are you?
I need a favor from you, please email me back as soon as possible.
Hope to hear from you soon.
Did anything stick out to you? Here's what made my spidey-senses tingle:
- The Subject. I'm fairly certain that he wouldn't send an email with a subject like "hello", especially written out in all caps.
- The Content. Normally he addresses the recipient by name and signs off with his own name. No names were used in this email at all. The email was also too vague; he would have explicitly stated and explained his request.
- The "From" Email Address. It was wrong. Simple as that.
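Those three tells (a trusted name on the wrong address, a shouting subject, and a body that names nobody and asks for a vague urgent favor) can be turned into a simple check you run over a raw message. The following is an added example, not code from the original post: the address book entry, the recipient name, both sample messages and the short urgency phrase list are constructed for illustration, and the checks are heuristics, not a spam filter.

```python
"""Heuristic red-flag checker for "I need a favor" impersonation emails.

Added example, not from the original post. The address book, the names and
the two sample messages below are constructed for illustration.
"""
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

# Constructed address book: the display name a trusted sender normally uses,
# mapped to the one address they really send from (assumed example values).
KNOWN_CONTACTS = {
    "pastor john": "pastor@example-church.org",
}

# Phrases typical of vague "favor" / urgency lures (heuristic, not exhaustive).
URGENCY_PHRASES = ("as soon as possible", "asap", "urgent", "i need a favor")


def _body_text(msg: Message) -> str:
    """Return the first text/plain body of a message as a string."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    for part in parts:
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            return raw.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def red_flags(raw_message: str, recipient_name: str,
              contacts: dict = KNOWN_CONTACTS) -> list:
    """Return human-readable red flags found in a raw RFC 5322 message.

    The checks mirror what a careful reader looks for: a trusted display name
    on an unfamiliar address, an all-caps subject, no names in the body, and
    a vague request wrapped in urgency.
    """
    msg = message_from_string(raw_message)
    flags = []

    display_name, address = parseaddr(msg.get("From", ""))
    name_key = display_name.strip().lower()
    address = address.lower()

    # 1. Trusted display name, wrong address: the "From" is wrong, simple as that.
    if name_key in contacts and contacts[name_key] != address:
        flags.append(f"From address {address!r} is not the known address for {display_name!r}")

    # 2. Subject written in all caps (only counted if it contains letters).
    subject = msg.get("Subject", "").strip()
    if any(c.isalpha() for c in subject) and subject == subject.upper():
        flags.append(f"Subject {subject!r} is all caps")

    body = _body_text(msg)
    lowered = body.lower()

    # 3. Nobody is named: recipient not greeted by name, sender never signs off.
    sender_words = [w for w in name_key.split() if len(w) > 2]
    if recipient_name.lower() not in lowered:
        flags.append("Recipient is never addressed by name")
    if sender_words and not any(w in lowered for w in sender_words):
        flags.append("Sender never signs off with their own name")

    # 4. Vague request wrapped in urgency: the classic "favor" lure.
    hits = [p for p in URGENCY_PHRASES if p in lowered]
    if hits:
        flags.append(f"Urgent/vague wording: {', '.join(hits)}")

    return flags


# Constructed sample: the lure from the post, sent from a lookalike account.
SPOOFED = """\
From: Pastor John <pastorjohn.church@example-mail.com>
To: Member <member@example.com>
Subject: HELLO

How are you?
I need a favor from you, please email me back as soon as possible.
Hope to hear from you soon.
"""

# Constructed sample: how the real sender normally writes.
LEGIT = """\
From: Pastor John <pastor@example-church.org>
To: Member <member@example.com>
Subject: Sunday volunteer schedule

Hi Alex,

Could you take the 9am greeter slot this Sunday? Maria is out of town.

Thanks,
John
"""

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, red_flags(raw, recipient_name="Alex"))
```

Run stand-alone it prints five flags for the spoofed message and none for the legitimate one. The first check is the one worth keeping even if you drop the rest: attackers rely on mail clients showing the friendly display name and hiding the actual address, so comparing the address against what you already know for that name catches both a compromised-lookalike account and a plain display-name spoof.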
I reached out to him at his real email address asking if he sent that email (it's a pretty weird feeling asking your pastor if he sent you spam). Lo and behold, he did not send it; it was fake. Minutes later the church sent a mass email alerting members that the pastor's email account was hacked and to not respond to emails from that particular address. How perfect is it that I receive a social engineering email just as Marshall starts his blog series on social engineering?
Hackers and data thieves are sneaky, and they're becoming sneakier. They're constantly seeking ways to trick you into giving them what they want. Masquerading as someone like a pastor is a slick move. See, it's all about trust. If the hacker can make their request seem like it's coming from someone you trust - a friend, family member, pastor - you're more likely to respond. After all, how could you ignore a request from your pastor?
You need to know the person the email claims to come from. Does it look and read like the other emails they have sent you? Is the sender address the one they actually use? If any part of the email doesn't match what that person normally sends, ask them whether they sent it, but do so through a channel you already trust: a phone number or email address you already have on file, not one taken from the suspicious message. Do NOT reply to the email itself; a reply goes straight to whoever actually sent it, not to the person it impersonates. If it's legit, you're okay. If it's not, delete the email and alert the real person that their account has been hacked.
Hackers are becoming far too crafty and hacks are occurring far too often. It's sad that skepticism is the lens through which we must view emails from peers, but that's the unfortunate reality of the age in which we live. When it comes to the web, you need to take everything with a grain of salt. Even if it's a pastor asking for a favor.