Recently, a few phishing*, or scam email, schemes got through Cruzio’s spam filters and landed in customer email boxes.

We catch more than 90% of spam, but sometimes the scammers who run these schemes are clever and manage to fool our filters. It’s a constant arms race as barriers improve but spammers figure out how to bypass them.

We have some tips to help you recognize phishing when you see it, so you can have more confidence in tossing phonies away. We’ll use the recent email imitating Cruzio as an example. It was well crafted, but there were some “tells” we’d like to point out.

(By the way, if you think you know all the tricks and are good at spotting spammy schemes, go ahead and skip these tips and try this Google quiz. How’d you do?)

Check the “From” Address

Here’s a great clue to a phishing email. Click the “From” email address to see the full address written out. Usually it won’t be what you expect. In this case, the return address is someone at “wildblue.net,” not Cruzio.

Roll Your Mouse Over the Links

The best indication of all is to roll your mouse over the links in the email. This is where the sender wants you to go to enter your password or other information. Don’t click on the link. Just put your mouse over the link and wait until the destination is revealed. (If you do click, just back out. Unless you enter information, clicking a link is pretty harmless.)

You’d expect this link to point to an address at cruzio.com. But it’s not. It’s sending you to “jamaioaa.com”. That’s a pretty sure sign that this is fake.

Notice that the text appearing in the email looks like the right website address. That’s a spoof. You have to mouse over the link to see where it will really send you.

Sometimes the scammer will put the word “cruzio” into their link to try to fool you. For example they might name the link http://jamaioaa.com/cruzio/verify. But other parts of the address are just words. It’s the “.com” part which shows the server’s identity.

Read Carefully: Does It Look or Sound Odd?

The example above is one of the best fakes we’ve ever seen. Still, there are several obvious problems, if you look closely:

1. The Cruzio logo is squished. We don’t display our logo with an oval cat, it’s a circle. In fact, the whole header, which has been copied off the internet, is compressed and looks wrong side by side with our real logo.
2. We don’t start emails with “Attention customer:”. If you’ve ever received email from us — and as a customer you certainly have — you know we are friendlier than that. The whole letter has a tone unlike our other communications.
3. This sentence is so poorly written, it doesn’t seem written by an English speaker.  “Please verify your account with your details click link below” — what? We sometimes make typos or phrase something a bit awkwardly, but this sentence is grammatically wrong in several ways.
4. Often phishing email will contain easily-spotted typographical errors. In this case there’s an apostrophe in front of “Thank You”. Plus, the email is signed “Cruzio Customer Service” rather than “The folks at Cruzio.” Missing that friendliness again.

Overall, if you take the time to read carefully, this email doesn’t look or sound like us.

If you ever have doubts about an email sent to you by Cruzio or any other company, contact the company directly and ask what’s up.  And if you fear you’ve fallen for a scheme, change the password you think you’ve compromised and contact the company and/or Cruzio. We’re always glad to help you.

Now that you’re familiar with scammers’ “tells,” if you didn’t do it before, take that Google quiz to test your knowledge. How’d you do now?

*”Phishing” is the term email that tries to get users to click on fake links and enter their passwords and other personal information into fake websites. The scammers imitate the look and feel of real companies, sometimes very convincingly. Even professionals can fall for these schemes — a campaign aide who fell for a phishing scheme is what gave Russian operatives access to Hillary Clinton’s campaign emails.

Like all ISPs, once in a while, our email users get hit with a phishing scheme. Generally, they’re poorly done and obviously fake, at first glance. This weekend we got hit by a particularly nasty one.

As you can see, it looks pretty sophisticated: not too many obvious typos or grammatical errors. And they stole our logo and header!

This email started hitting our mail users at around 9:30am last Sunday. As it happens, one of the first people to notice was our Chief Technical Officer, Chris Neklason, who right away saw it was a potential security threat to our users and alerted our support team. We immediately contacted the company hosting the rogue site, as well as our email filter provider. Within a couple of hours, the rogue site was taken down and the email had been blocked and deleted from our users’ inboxes. But not before about 100 of our eagle-eyed and responsible customers had notified us of the email and, sadly, a few folks had clicked through.

A couple of things to take away from this:

1. Cruzio has your back
We identify these threats quickly and we have tools to quickly neutralize them. If you do get fooled — and it happens to everyone — change your password and contact us immediately.

2. There are always tell-tale signs
Even though it was a relatively good phishing attempt, there are a few obvious clues in this that reveal it to be spam pretty quickly. First, the actual sender was not an @cruzio mailbox, it was a totally different domain. Secondly, none of the clickable links in the email pointed to the Cruzio site. Pro tip: you can always see where a link is pointing before you click it by hovering your mouse cursor over it — depending what mail tool or browser you’re using, the destination URL will show as a pop-up or in the lower part of the window you’re in. If you do happen to click on the link, most web browsers catch scams fast and almost immediately flash a warning on the page.

As a reminder:
* Don’t enter personal information into any site you’ve reached via email unless you’re 100% sure it’s legitimate. If you have even the slightest doubt, contact the company
* The more information an email asks for, the more suspicious you should be. For example, no one should ever want your Social Security number from an email message
* The more urgent the message, the more suspicious you should be
* There are so many scams, we can’t report every one. But if you see one you feel is serious, or if it’s for a small company, report it to the FBI https://www.ic3.gov/complaint/default.aspx

Bottom line: if you ever have any doubts about an email that purports to be from Cruzio, play it safe and contact us at cruzio.com/contact or call us at 459-6301 x2. Cruzio is keeping an eye out 24/7, 365 days a year to ensure your security.

Be safe out there!

Do you get simple, short, unexpected emails from friends instructing you to click on a link? They look kind of like this:

Truman from Cruzio Customer Service wants to warn people that these emails are an increasingly common scam. If you click on the link, your computer security may be threatened.

These emails aren’t really coming from your friends — that’s obvious once you think about it, but it’s not easy to be on your guard all the time! They’re sent by a virus-spreading program that gets contacts from an infected computer’s address book and forges the sender’s identity. Naturally, friends and family are likely to click on the websites in the email, and their address books are then compromised in their turn. It’s an effective scheme, and hard to stop.

Security Tips:
Don’t click on links in unusual email, even from friends or family. (Unsure? Ask them!)
Don’t type personal information like passwords or social security numbers into websites you reach from an email.
Don’t say yes to installing files on your computer from email unless you are positive they’re safe.
Do make sure your friends and family know this, too!

from September 2015 Newsletter