What you need to know about Phishing attacks
phishing / a fish hook on computer keyboard with email sign / computer crime / data theft / cyber crime

What you need to know about Phishing attacks

If you are a movie fan, you have seen scenarios where a character’s close companion is cloned by devious counterparts. The close companion and his/her clone then present themselves before the character and he/she must decide who is real and who is not. In this scenario, the character must go back and consider the history of their relationship, physical and personality traits in order to make the impossible decision. Think of the person you know pretty well, now imagine this beloved person was cloned. Would you have the ability to tell who is real and who is not?

A form of Social Engineering

This situation is true for any organization that uses emails to communicate. What organization doesn’t? Members of your company are being targeted every day by hackers and spammers. They have the ability to pose as your employees to either your existing or potential clients. From email addresses to your style of writing, these diabolical individuals can pose as key decision-makers, service providers, you name it, just to dupe you into giving up sensitive information or to infect your network with malware. Just like cloning has not yet been perfected, there will always be red flags that will draw the line between what is real and what is fake, we just need to pay more attention!

Phishing is a form of social engineering attack that is used to steal user data, including login credentials and credit card numbers. Just as I mentioned, it occurs when an attacker, camouflaged as a trusted entity, deceives a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware or have them reveal sensitive information.

‘‘Target is locked’’.

Who is the target, and what is the mission? As a key decision-maker, take a look at your employees, the soldiers in your rank that you know all too well. Which one of them is likely to fall for a phishing attack? Oh, the names are echoing in your mind. Hackers can target anyone with access to crucial company information, or even those without access can be used as a piggyback ride into your company’s network. No one is safe, not even C suite level managers. Falling into this trap could mean financial loss, reputation damage and a drop in your consumer’s trust in you.

Spoofing vs. Phishing

As mentioned, the mission of these manufactured emails is to either trick victims into giving up sensitive information or to lure them into downloading malware into the company’s network. Email spoofing occurs when an attacker forges the sender’s address so that it appears as if it is from a genuine source. Such emails are characterized by the sender usually posing as a service provider giving instructions to take precautionary action to achieve one thing or the other.

They will include links that will resemble the actual service provider’s website for example and this is where they get you. Other graphics in the email could also be embedded with codes that will immediately execute certain tasks to damage your systems and critical applications. Such activity can also be the onset of a much bigger ransomware attack on your organization.

Spear phishing

This is a phishing technique that targets a specific person within your organization, an internal key decision-maker. Hackers will go to great lengths of doing wide research on your company to discover your employees’ names, departments and even the hierarchy of authority. They will look into employees in a certain department to acquire leverage or bait such as invoices or reports that they will now spoof (send them a malicious email that has been injected with malicious content). In common scenarios, hackers will make these documents password protected and they will tell you, the key decision-maker (KDM) to provide login information in order to access it. Doing this, the hacker acquires your login details and just like that, you have opened the proverbial can of worms.

Getting into defense mode

“Just like cloning has not yet been perfected, there will always be red flags that will draw the line between what is real and what is fake, we just need to pay more attention!”

They are called red flags for a reason. A good Commander gets all the men in his rank, lays down the reality of their battle situation and sits with them to come up with a full proof game plan. A proper defense plan for any organization would be to involve all employees regardless of rank in learning how to identify these red flags. Sometimes, blissful ignorance causes us to ignore red flags, especially where the deal sounds too good. The so-called confidential documents may give you a feeling of importance, being one of the few people in your organizations with the required login credentials. Hackers are counting on this.

The red flags

There are countless ways which hackers will use to trick their victims, we cannot name them all. They are getting smarter every day. Here are some red flags that are common across most phishing emails;

  • Links in the email may look exactly like the original, for example, domain names but will have grammatical errors or extra subdomains. Sometimes, hovering over the link could expose the true domain name.
  • Generic salutations; A service provider, for example, should address an email to you using your name. A phishing email will use generic terms like sir or madam
  • Link manipulation; A technique in which the scammer sends a link to a website. The user on clicking on the deceptive link will be redirected to the scammers’ website instead of the website indicated on the ‘link’. One of the anti-phishing techniques used to detect link manipulation is to move the mouse over the link to view the actual address.

The email will try to push or force you into action by creating a sense of urgency for example, ‘Your account will be deactivated in 24 hours if you do not…”

  • Some emails will try to reassure their legitimacy by encouraging you to verify your email or log into a website using a link that they will provide
  • The body of the email will contain unsolicited weblink attachments. Below is an example one of our clients received.

  • If you happen to click on a link, you will notice that you will be redirected. This is where the hacker redirects to a site that will harvest your login credentials as you key them in

Mitigation strategies

Be vigilant. This is the first strategy I would recommend to avoid any form of a breach within your company. Others include;

  1. Use your own link. If you must verify your email or log into a site, use a search engine or bookmark and login yourself. Do not click on links within an email
  2. Activate web security tools that will notify you of malicious sites especially when redirected
  3. Implement strong password policies in your company which includes changing them regularly
  4. Hover over links on phishing emails to try to expose the true domain name
  5. Do not click on links, download or open any attachments
  6. Install an antivirus or firewall on your computer and ensure that they are regularly updated
  7. Do not enter personal information on pop up screens
  8. Always double-check the source of any email by checking the email header. This will show you the real source of the email.

Last but not least,

9. Register for Pepea Email Security. If your company’s email address is on the internet, there is no other way to prevent phishing attacks.

Pepea Email Security is an antispam/antivirus filtering solution that filters all your inbound and outbound emails. All emails undergo a series of checks by our gateway servers that bounce back or quarantine malicious emails. Did you know that in a week, we capture or bounce back close to half a million malicious emails for our clients?

So you already have a freemium service, that’s fine. But ask yourself, with the millions of users using the same service, is your mailbox’s security the first priority to your freemium service provider?

This Post Has One Comment

Comments are closed.