Imagine you’re going through your day, checking your emails, when suddenly you get one from a company you trust.

You think, “Great! It’s safe to open.” But wait a minute… this email isn’t what it seems.

It’s actually a scam made by cyber crooks to trick you into clicking on bad links or giving away private info. It’s called “SubdoMailing,” and it’s really risky.

So, what’s the deal?

Like regular phishing scams, these cyber crooks pretend to be trusted brands.

But here’s how they do it: They search the internet for subdomains of well-known companies. You know, those extra parts in a web address before the main one? Like experience.trustedbrand.com. That part ‘experience’ is the subdomain.

They find a subdomain that the brand doesn’t use anymore and still points to a website that’s not active.

Then they buy that website and make a fake page for the scam.

So, when you think you’re clicking on experience.trustedbrand.com… you’re actually going to scamwebsite.com without even knowing.

The crooks are sending out five million of these emails every day, targeting people in businesses like yours.

And because these emails seem like they’re from a real company, they often get past the usual security checks and end up in your inbox.

Here’s what you can do to stay safe:

  • Be careful with any emails that seem suspicious. If something seems off, it probably is.
  • Before clicking on any links or downloading anything, double-check who sent the email. Look for mistakes or weird email addresses.
  • Make sure your team knows about the latest tricks cyber crooks use and can spot a scam. Knowing a little can help keep your company safe.
  • Think about getting really good security software to keep these cyber crooks away. It might cost extra, but it’s worth it to protect your business.

And remember, if you need help with this or anything else about keeping your email safe, just ask.