Recognizing Phishing Attacks
Cybercrime is on the rise, and hackers are using any opportunity to take advantage of an unknowing victim to gain access to personal information for financial gain. Recognizing phishing attacks or attempts can help you ensure that critical information and data remains secure.
The new ‘work from anywhere world’ makes everyone a potential target for cyber attacks, especially because threats are harder to track over home networks. The blurred lines between home and work create security nightmares if security protocols are ignored, or simply don’t exist.
One commonly used tactic is called phishing. Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing a person’s sensitive data. If your employees fall prey to phishing scams while working, it can affect your company network by transferring malware and viruses over internet connections.
One phishing email has the power to cause downtime for your entire business and unfortunately the scams are getting more sophisticated and thus harder to detect.
Recognizing The 5 Most Common Phishing Attacks
Spear Phishing
Attackers pass themselves off as someone the target knows well or an organization that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is then used to exploit the victim.
Whaling
Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organization, to boost credibility. This approach also targets other high-level employees within an organization as the potential victims and includes an attempt to gain access to company platforms or financial information.
Mass Campaigns
Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated. These types of attacks rely on strength in numbers and volume with the idea being that the more potential victims cast within a net, the higher the odds that a user will provide critical information.
Ambulance Chasing
Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic.
Pretexting
Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail, social media) to set an expectation that they’ll be sending something seemingly legitimate in the near future, only to send an email that contains malicious links.
What To Do After An Attempt Or Attack?
First, to help identify it as a phishing email, check to see if the signed-by field was generated by a Domain Keys Identified Mail (DKIM) or a service. DKIM is a good first step in email authentication and is a technical solution to prove that an email is not fake. For example, if you received an email from name@technology.com, you would see a DKIM in the signature that looks like this: technology.com.20150623.gappssmtp.com. This is how all emails through a domain are processed.
Emails shared through a service (e.g., Drive, Calendar, DropBox, etc.) do not have a DKIM. Instead, you would see the signature of the provided service (i.e., signed-by dropbox.com)
If you receive a file, and it is not signed by google.com, gmail.com, dropbox.com, or other legitimate sources, it is likely phishing – delete it immediately. It’s important to remain vigilant and proceed with caution in these circumstances.
Finally, one of the best things you can do for you and your team is to provide a Cyber Defense Training Program. These programs help educate your staff on common attacks methods, data protection, personal security and more. We offer a complete program through our Managed Security Solutions and would be happy to discuss it anytime. Give us a call at: 708-922-9444 to learn more.