You are here: Blog Josh Coppage Even the Most Diligent Individuals Are Not Immune to Data Breaches

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Spam Can Be Tricky, So Keep an Eye Out for These Warning Signs

Voyage Technology Blog Security
0 Comments
Spam Can Be Tricky, So Keep an Eye Out for These Warning Signs

Sometimes, I kind of miss the oh-too-obvious spam emails that were once the norm. You know, the kind that were supposedly from some usurped royal who needed your assistance to reclaim their rightful place on the throne, or from some absurdly attractive individual who seemed to be coming on to you. Sure, at the time it was annoying, but compared to today’s spam…

Well, it was a simpler time.

Unfortunately, the reason those old scams were common enough to become semi-fond memories is that, on occasion, they worked.

People fell for these kinds of scams all the time, sending money out with the expectation that huge sums would come flowing back. Hopeful singles would reach out in the hope that they’d stumbled across true love (and all the perks that implied).

Success is what makes spammers continue today. For them, it’s all a big numbers game: some percentage of users will fall for different types of spam campaigns, and scammers now know the tricks to improve their conversion rates. Spam is a formula: x-number of emails equals y percent of successful victims—they just need to solve for x.

If you’re going to protect your business from these attacks and scams, you need to know the kind of tactics to keep an eye out for.

Email Spoofing

Some unknown sender is one thing, but surely a dangerous email wouldn’t come from Amazon, PayPal, Google, your mother, the bank, your employer, or someone like that…would it?

Unfortunately, spam can now be spread that is designed to mimic what you’d expect to see from a trusted email address. Posing as a legitimate business has been part of the spam and phishing playbook for quite some time, as they are highly scalable and applicable to most people. Chances are pretty good that any given person will have an Amazon or Google account nowadays, after all.

Otherwise, these attacks can be far more targeted. Let’s say your bank had its member contact list stolen in a data breach. That list gives a scammer all they need to target your bank’s members with a convincing and effective scam, customized to them.

Social media is also a useful tool. A scammer could find a potential target, their contact information, the people in their life whom the target would be most likely to help, and their contact information. At that point, a little technical knowledge is all that a scammer needs to run extremely personalized campaigns.

Homograph and Punycode Attacks

“Tear.”

Now, what did you read that word as? Did you read “tear,” as in the act of ripping something, or “tear,” the thing that comes out of your eyes when you’re hurt or sad?

This is what is known as a homograph, the phenomenon where two different words are spelled the same but have different meanings. In terms of scams, homograph attacks are used to trick a user into trusting an email or website URL by making it look like a different one. Basically, non-traditional keyboard characters are translated to look like familiar ones, which makes it easier for an attacker to spoof a well-known domain or legitimate-looking email address without actually owning it.

Homograph and Punycode attacks aren’t exclusive to email, as we alluded to above. Fake websites that look legitimate can be built to steal information, and links can be shared through messaging apps and social media. Unfortunately, this means you effectively need to be on your guard when it comes to any activity or correspondence.

Email Compromise

An entire email inbox can be leveraged by a cybercriminal as a weapon—and it’s actually one of the oldest means used to distribute malware and spam, even to this day. If your password is stolen or too weak, or malware happens to sneak in, your email can be compromised and used to propagate the threat by sending emails out to your contact lists.

Since these emails come from your account, most recipients will see them to be legitimate and open them. Once they do, the process repeats, exponentially spreading.

If someone isn’t as focused on their cybersecurity hygiene as they should be, a hacker can have a very easy time accessing their email.

For instance, let’s say that Jason uses the same password on his work email and his Amazon Prime account. His kids use his password to access Amazon Video to watch The Boys and The Rings of Power, but one day, malware infects his son’s tablet and steals the password. As a result, Jason’s user credentials are up for sale on the Dark Web, along with the tens of thousands of other credentials this malware has stolen. On sale for pennies on the dollar, scammers and cybercriminals from all over are able to access and utilize it. It doesn’t take long for them to start trying these username and password combinations in other places, and before long, Jason’s work email is breached.

From there, an attacker can email contacts, of course, read messages, change any passwords to the accounts that tie to that email address, reset passwords, and more. Jason’s friends, family, coworkers, and clients are all scammed, expanding the attacker’s web of influence.

This goes the other way, too—your friends, family, and colleagues could cut corners with their cybersecurity, resulting in you being victimized as a result.

Skepticism and Awareness are Key to Preventing Cyberattacks and Scams

This should all go to show that scams and phishing attacks are increasingly difficult to spot, meaning that the most effective defense is an abundance of caution. We recommend what is called a zero-trust approach—if you didn’t specifically request an email attachment and did not expect one to accompany a message, don’t click on it or download it.

If your bank messages you regarding an unauthorized purchase, don’t panic. Instead, log into your bank account separately to check, not using any link received through the message.

Make sure you cultivate this kind of cautious culture in your business, too. If you send someone an email with an attachment, shoot them a quick phone call or instant message to let them know it’s on its way. Even internally, acting with security coming first in your correspondence is a wise policy.

Encourage your team to act safely concerning their email, and it will pay off—period.
Our technicians are here to help your team members, including with your email security. If a team member receives a suspicious email, we can check it out for you. Give us a call today at 800.618.9844.

Tweet
Tags:
Email Spam Phishing
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 22 March 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Privacy Workplace Tips Google Email Computer Phishing Workplace Strategy Collaboration Hosted Solutions Small Business Backup Users Managed Service Ransomware Mobile Device Productivity Microsoft Quick Tips Passwords Saving Money Communication AI Cybersecurity Smartphone Data Backup Disaster Recovery Data Recovery Android Upgrade VoIP Business Management Smartphones Mobile Devices communications Windows Browser Social Media Microsoft Office Managed IT Services Network Current Events Tech Term Internet of Things Remote Facebook Miscellaneous Information Holiday Automation Artificial Intelligence Compliance Gadgets Cloud Computing Covid-19 Training Outsourced IT Remote Work Server Managed Service Provider IT Support Encryption Spam Employee/Employer Relationship Office Windows 10 Business Continuity Data Management Government Bandwidth Windows 10 Virtualization Blockchain Wi-Fi Business Technology Managed Services Data Security Apps Vendor Two-factor Authentication Mobile Office Mobile Device Management Budget Voice over Internet Protocol Gmail Apple Networking WiFi App Employer-Employee Relationship BYOD Tip of the week Chrome Conferencing Managed IT Services How To BDR HIPAA Computing Physical Security Applications Information Technology Hacker Access Control Avoiding Downtime Office 365 Marketing Retail Storage Healthcare Password Bring Your Own Device Big Data Operating System Router Virtual Private Network Risk Management Computers Health 2FA Help Desk Analytics Website Office Tips Augmented Reality Remote Workers Managed IT Service Firewall Telephone Scam Data loss Cooperation Free Resource The Internet of Things Project Management Windows 7 Going Green Patch Management Social Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Vendor Management Solutions Cybercrime Customer Service Display Printer Paperless Office Windows 11 Infrastructure Monitoring Excel Document Management Maintenance Sports Downloads Antivirus Mouse iPhone Licensing Safety Entertainment Administration Vulnerabilities Data Privacy Images 101 Telephone System Multi-Factor Authentication Robot Mobility Cost Management Settings Printing Wireless Content Filtering IT Management Customer Relationship Management VPN Employees YouTube Meetings Integration Cryptocurrency User Tip Modem Hacking Processor Presentation Computer Repair Mobile Security Virtual Desktop Holidays Data storage LiFi Wireless Technology Data Storage Smart Technology Supply Chain Outlook Video Conferencing Machine Learning Managed Services Provider Money Saving Time Virtual Machines Professional Services Word Humor Scary Stories Private Cloud Identity Evernote Paperless Hacks Server Management Regulations Compliance Superfish Bookmark Identity Theft Smart Tech Memes Refrigeration Fun Co-managed IT Deep Learning Download Net Neutrality Public Speaking Twitter Alerts SQL Server Technology Care Lithium-ion battery Error History Business Communications Financial Data Browsers Smartwatch Education Connectivity IT Social Engineering Break Fix Scams Entrepreneur Upload Procurement Remote Computing Azure Hybrid Work Mobile Computing Social Network Telework Cyber security Multi-Factor Security Tech Human Resources CES Tablet IoT Communitications Undo Search Dark Web Cables Alert Best Practice Trends Supply Chain Management Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Dark Data Google Calendar Term Google Apps Legal Data Analysis IT solutions Star Wars IT Assessment How To Microsoft Excel IT Maintenance Notifications Staff Value Business Intelligence Business Growth Gamification Flexibility Organization Travel Social Networking Application Legislation Shortcuts Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Cortana Ransmoware Wearable Technology Memory Vendors Alt Codes Content Remote Working IBM Health IT Downtime Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Permissions Workforce Wasting Time Threats Typing Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Google Drive User Error Microchip Internet Exlporer Software as a Service Competition Knowledge Fraud Meta Managing Costs Amazon Username Point of Sale eCommerce 5G Black Friday SSID Google Docs Unified Communications Database Surveillance Experience Virtual Assistant Outsource IT Running Cable Tech Support IT Technicians Virtual Machine Environment User Media Bitcoin Network Management Google Wallet Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Tactics Development Hotspot Transportation Small Businesses Laptop Websites Mirgation Hypervisor Displays Windows 8 IP Address Drones Shopping Nanotechnology Optimization PowerPoint SharePoint Addiction Electronic Medical Records Language Employer/Employee Relationships Outsourcing Halloween Chatbots Recovery Navigation Management PCI DSS Lenovo Gig Economy Screen Reader Hard Drives Writing Distributed Denial of Service Workplace Service Level Agreement Internet Service Provider Domains Virtual Reality Computing Infrastructure Teamwork Hiring/Firing

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015