01908 410041 | info@ccsnet.co.uk

SubdoMailing. Why you should be aware of it.

Cyber Security, Tech News

We educate many businesses and individuals on cybersecurity best practises and looking out for phishing emails.

However, when you receive an email from a company you trust, you may drop your guard.

You think, “Great! That’s safe to read”. But hold on just one minute… this email is not what it seems.

This is actually part of a new scam created by cyber criminals to trick you into clicking malicious links or giving up sensitive information.

It’s called “SubdoMailing”.

So, what is SubdoMailing and how can you protect yourself from falling for this scam?

Just like regular phishing attacks, cyber criminals pretend to be trusted brands. They scour the internet for subdomains of reputable companies.

Subdomains are the additional parts of a domain, such as adventures.trustedbrand.com. The ‘adventures part is the subdomain.

The cyber criminals find a subdomain that the brand is no longer using and is still pointing to an external domain that’s no longer registered.

Then they go ahead buy the domain and set up the scam website.

So, when you think you’re clicking on adventures.trustedbrand.com… you have no idea it actually redirects to scamwebsite.com.

It’s been reported by Tech Radar that the cyber criminals are sending out five million emails a day targeting people in businesses just like yours.

And because these emails are coming from what seems like a legit source, there is a chance they will go undetected by the usual security checks and land in your inbox.

Here are 4 ways to help keep you and your data protected:

  • Be wary of any emails that seem even remotely suspicious. If something doesn’t feel right looks fishy, it probably is.
  • Before clicking on any links or downloading any attachments, take a moment to verify the sender. Look for red flags like spelling mistakes or unusual email addresses.
  • Ensure your employees understand the latest phishing tactics and know how to spot a scam. A little knowledge goes a long way in keeping your company safe. Cyber security training awareness is a great way to do this and there are various ways in which you can implement this in your business.
  • Invest in security software. It might seem like an extra expense, but trust us, it’s worth it.

As always, if you need help with this or any other aspect of your email security, get in touch.

Related Articles