Yahoo! became the latest internet giant to suffer a data breach and is expected to disclose the extent of the leak this week. According to Recode.net, ‘several hundred million user accounts’ were compromised, meaning Yahoo! e-mail users if not already, are about to receive a barrage of requests and legitimate-looking proposals for their personal information.
The breach now also has consequences for Verizon, which recently purchased Yahoo! for $4.8 billion.
Hundreds of millions of Yahoo! e-mails have appeared for sale on the dark web, one hacker looking to sell 200,000 e-mail addresses for $1,800. In fact, anyone can purchase 1,000 e-mail addresses for as little as $5.
E-mail fraud was a significant topic of conversation Tuesday at the Kount Fraud 360 World Tour in Boston, which featured several expert keynote speakers.
So why is e-mail fraud still so popular?
Speaking of e-mail scams, we’re reminded of a classic Michael Scott line from an episode of The Office titled ‘Michael’s Birthday’ (Season 2, episode 19):
“You know what, Toby? When the son of the deposed king of Nigeria e-mails you directly asking for help, you help. His father ran the friggin’ country, OK?!”
Michael’s naivete is both funny and sad at the same time.
Fraudsters will purchase 5,000 e-mail addresses for $20 simply because out of those 5,000, several naïve folks will turnover their personal information that a fraudster can turn into cash.
In fact, it’s not just Nigerian royalty looking to offload their fortunes for social security and bank account numbers anymore. Hackers are sending fraudulent e-mails remarkably similar to, for example, the e-mail templates of Federal Express, eBay or Amazon, taking advantage of unknowing consumers to solicit personal information.
Sadly, some consumers comply.
This very week I received an e-mail inquiry from ‘Rick’ from a company called Worldupay.com inviting Instabill to partner with his company for payment processing solutions.
Fortunately, we’ve become adept at spotting an e-mail scam and the red flags were apparent:
Again, however, a consumer or employee at any company may not have recognized this e-mail as fraudulent.
The fact that such an e-mail was sent unsolicited is a red flag in itself. Read it thoroughly and identify what they’re asking.
Perhaps the fraudster is not requesting information this time, but may in a second or third e-mail.
If you feel the e-mail was fraudulent, file it in your junk mail folder, which also contains the option to block further e-mails from this sender.