You receive an email from one of your favorite brands, but something is wrong. There are several typos and an urgency to respond to the link. Upon further research, you see the sender’s address is different, and the link is unsecure.

Did you stumble onto a scam?

According to Norton, more than 75% of online scams start with emails as described above. When scammers pretend to be a trusted brand to access your personal information, this is called clone phishing. These scams have malicious links and attachments.

What is clone phishing?

Cybercriminals are using a technique called clone phishing to imitate follow-up emails and manipulate you.

To start the scam, cybercriminals hijack an email account from a legitimate organization. They use the hijacked account to find an email that was previously sent to you and clone it. To make the clone email look like a typical follow-up email, the cybercriminals add text that claims the original email was missing an attachment with urgent information. If you download the attachment in the clone email, you won’t receive important details about the original message. Instead, you’ll download malware that allows cybercriminals to steal your sensitive information.

Some of the signs of clone phishing may include:

  • Spelling or grammar errors.
  • False claims of being a reply.
  • Different domain extensions.
  • Ineffective password managers.
  • Requests for personal information.
  • Use of urgent language.
  • Inclusion of a link or attachment.
  • Suspicious sender’s address.

Some examples of clone phishing include:

  • Customer support scams: Scammers send fake emails from a registered social media account. The message will urge recipients to log into their accounts to verify their account information.
  • Fake virus scams: Scammers warn you about fake virus alerts to make you download fake software that might contain harmful malware.
  • Refund scams: Scammers incentivize users to quickly click a malicious link by promising them a cash reward, refund, or other prizes.

How to protect yourself from clone phishing

Although clone phishing may be difficult to detect, here are some tips to keep you and your personal information safe, according to Norton.

  • Review the sender’s address: Illegitimate email addresses might appear identical to official email addresses on the surface. Take a closer look at the characters. They may be different from the official address.        
  • Preview links before opening them: Most internet browsers give you the option to preview a link by hovering over it. If the preview looks suspicious, do not open it, and report the sender.       
  • Use a password manager:Password managers can help you detect replicated websites. If your manager does not auto-fill your login like it usually would, then you might be entering your information into a fake website.       
  • Investigate spoofed replies: Some clone phishing scams format their message to look like a reply from an earlier conversation. Pay close attention and you will notice that there was never an original thread between you and the scammer.         
  • Double-check URL addresses: If you already clicked a suspicious link, double-check the URL address of the “company’s” website. Does it look different than the official domain address? If so, it might be a scam.  
  • Check for “HTTPS”: Secure URL addresses are normally preceded by “HTTPS://” — this prefix indicates that you are interacting with a secured connection. If the prefix is not there, then your sensitive information could be at risk.       
  • Contact a trusted source for help: If you receive a suspicious message from a trusted brand, contact their official customer support line to verify the email.
  • Remain calm: Most clone phishing scams involve a sense of urgency. Targeted rhetoric is used to make recipients panic and irrationally click or download something. Stay calm and verify time-sensitive messages before you continue.

The information in this article was obtained from various sources not associated with Adirondack Bank. While we believe it to be reliable and accurate, we do not warrant the accuracy or reliability of the information. Adirondack Bank is not responsible for, and does not endorse or approve, either implicitly or explicitly, the information provided or the content of any third-party sites that might be hyperlinked from this page. The information is not intended to replace manuals, instructions or information provided by a manufacturer or the advice of a qualified professional, or to affect coverage under any applicable insurance policy. These suggestions are not a complete list of every loss control measure. Adirondack Bank makes no guarantees of results from use of this information.