One phishing email has the power to cause downtime for your entire business, and unfortunately the scams are getting more sophisticated every day, and thus harder to detect.
Cybercrime is on the rise, and hackers are using any opportunity to take advantage of an unknowing victim to gain access to personal information for financial gain. The new ‘work from anywhere’ world puts everyone at risk of cyber attacks, especially because threats are harder to track over home networks. The blurred lines between home and work create security nightmares if safety protocols are ignored, or don’t exist. One commonly used tactic is phishing. Phishing messages are crafted to create a sense of urgency or fear, with the end goal of capturing a person’s sensitive data. If your employees fall prey to phishing scams while working from home, it can affect your company network: malware and viruses picked up on a home machine can spread to corporate systems over the employee’s internet connection.
What is Phishing? How can Phishing hurt my business?
Phishing emails are fake messages designed to lure people into clicking on dangerous links, sending sensitive information, or transferring money. Clicking on infected links can result in ransomware, data loss, unauthorized access to sensitive or protected data, or financial theft. ‘Phishing’ generally refers to messages broadcast to a wide audience, such as emails stating that your bank credentials need to be updated, you have underpaid your taxes, or your credit cards are blocked.
‘Spear-phishing’ messages are personalized messages targeted at individuals, like HR and finance department managers and staff, often purporting to come from ‘the CEO’ or someone else in authority. These messages ask for sensitive information, such as payroll records, to be sent, or for money to be transferred. Spear-phishing hackers often use information about the person they are impersonating, found on a corporate website or in social media, to gain the recipient’s trust.
Email filtering tools should be implemented to identify and block phishing emails. However, because hackers are getting more sophisticated and using tools to defeat blocking technologies, the last line of defense is a workforce trained and tested in avoiding phishing scams.
Here are five different types of phishing attacks to avoid:
1. Spear Phishing: Attackers pass themselves off as someone the target knows well or an organization that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is then used to exploit the victim.
2. Whaling: Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organization, to boost credibility. This approach also targets other high-level employees within an organization as the potential victims and includes an attempt to gain access to company platforms or financial information.
3. Mass Campaigns: Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated.
4. Ambulance Chasing Phishing: Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic. Google has reported that cybercriminals have sent an estimated 18 million hoax emails about COVID-19 to Gmail users every day.
5. Pretexting: Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail) to set an expectation that they’ll be sending something seemingly legitimate in the near future, only to send an email that contains malicious links.
What to do if you think you’ve received a phishing email?
First, to help identify a phishing email, check the signed-by field to see whether the message carries a DomainKeys Identified Mail (DKIM) signature from the sender’s domain or from a sharing service. DKIM is a good first step in email authentication: it is a technical mechanism that proves an email was really sent by the domain that signed it and was not altered in transit.
For example, if you received an email from [email protected], you would see a DKIM signer in the signed-by field that looks like this: technology-com.20150623.gappssmtp.com.
This is how all emails sent directly from a domain are signed. Emails shared through a service (e.g., Drive, Calendar, Dropbox, Box, etc.) are not signed by the sender’s domain. Instead, you would see the signature of the service that delivered them (i.e., signed-by dropbox.com). If you receive a file and it is not signed by google.com, gmail.com or dropbox.com, it is likely phishing – delete it immediately. It’s important to remain vigilant and proceed with caution in these circumstances.
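The signed-by check described above can be automated for a mail triage queue. The following is an added example written for this page, not code from the original post: it reads the DKIM-Signature header of a raw message, extracts the signing domain (the d= tag), and compares it to the From domain or to a list of accepted service signers. The list of service signers (google.com, gmail.com, dropbox.com) and the Google Workspace signing-domain pattern (sender domain with dots replaced by dashes, a selector date, then gappssmtp.com) follow the post's own example; the sample messages are constructed. Note that this only inspects the header the way a mail client's "signed-by" field does; it assumes the receiving mail server has already verified the signature cryptographically and does not itself fetch DNS keys.

```python
import re
from email import message_from_bytes, policy
from email.utils import parseaddr
from typing import Optional

# Service signers the post treats as acceptable for shared files.
SERVICE_SIGNERS = {"google.com", "gmail.com", "dropbox.com"}

# Constructed sample messages (not real mail). Only the headers matter here.
SAMPLE_SENDER_SIGNED = (
    b"From: Alice <alice@technology.com>\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
    b"\td=technology-com.20150623.gappssmtp.com; s=20150623; bh=xyz; b=abc\r\n"
    b"Subject: Q3 schedule\r\n\r\nbody\r\n"
)
SAMPLE_SERVICE_SIGNED = (
    b"From: \"Dropbox\" <no-reply@dropbox.com>\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; d=dropbox.com; s=smtp; bh=xyz; b=abc\r\n"
    b"Subject: Bob shared a folder with you\r\n\r\nbody\r\n"
)
SAMPLE_MISMATCH = (
    b"From: \"Dropbox\" <no-reply@dropbox.com>\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; d=file-share-notice.example; s=k1; bh=xyz; b=abc\r\n"
    b"Subject: Open the shared document\r\n\r\nbody\r\n"
)
SAMPLE_UNSIGNED = (
    b"From: \"IT Support\" <support@technology.com>\r\n"
    b"Subject: Password expiring\r\n\r\nbody\r\n"
)


def from_domain(msg) -> Optional[str]:
    """Domain part of the From header's address, lower-cased."""
    _, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    return domain or None


def dkim_signer(msg) -> Optional[str]:
    """Signing domain (d= tag) from the DKIM-Signature header, if present."""
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return None
    m = re.search(r"(?:^|;)\s*d=([^;\s]+)", str(sig))
    return m.group(1).lower() if m else None


def signer_matches_sender(signer: str, sender: str) -> bool:
    """True when the signer is the sender domain, a subdomain of it, or the
    Google Workspace form shown in the post (technology-com.<date>.gappssmtp.com)."""
    if signer == sender or signer.endswith("." + sender):
        return True
    m = re.fullmatch(r"([a-z0-9-]+)\.\d{8}\.gappssmtp\.com", signer)
    return bool(m) and m.group(1) == sender.replace(".", "-")


def classify(raw: bytes) -> str:
    """Triage verdict for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = from_domain(msg)
    signer = dkim_signer(msg)
    if signer is None:
        return "unsigned: treat as suspicious"
    if signer in SERVICE_SIGNERS:
        return f"signed by service {signer}"
    if sender and signer_matches_sender(signer, sender):
        return "signed by sender domain"
    return f"signer {signer} does not match sender {sender}: likely phishing"


if __name__ == "__main__":
    for name, raw in [("sender", SAMPLE_SENDER_SIGNED), ("service", SAMPLE_SERVICE_SIGNED),
                      ("mismatch", SAMPLE_MISMATCH), ("unsigned", SAMPLE_UNSIGNED)]:
        print(f"{name}: {classify(raw)}")
```

The service check runs before the sender check because, as the post explains, a file-share notification is signed by the service rather than by the person who shared the file; a message whose signer is neither the service nor the sender's own domain is the case the post tells you to delete.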
⚠️⚠️⚠️Be careful! Phishing scammers are impersonating file sync and share platforms and sharing fake documents or folders in an attempt to infect your computer.⚠️⚠️⚠️
What do phishing emails look like?
The original post shows four example phishing emails (images not reproduced here). The following seven tips help you detect a phishing email:
- Watch for overly generic content and greetings: cyber criminals send a large batch of emails. Look for examples like “Dear valued customer.”
- Examine the entire from email address: the first part of the email address may be legitimate, but the last part might be off by a letter or may include a number in place of a letter in the usual domain.
- Look for urgency or demanding actions: “You’ve won! Click here to redeem prize,” or “We have your browser history, pay now or we are telling your boss.”
- Carefully check all links: mouse over the link and see if the link’s destination matches where the email implies you will be taken.
- Notice misspellings, incorrect grammar, and odd phrasing: this might be a deliberate attempt to bypass spam filters.
- Check for secure websites: any webpage where you enter personal information should have a URL with https://. The “s” stands for secure. Keep in mind that https:// only means the connection is encrypted; phishing sites can use it too, so it does not by itself prove the site is genuine.
- Don’t click on attachments right away: virus-containing attachments might come with an intriguing message encouraging you to open them, such as “Here is the schedule I promised.”
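Two of the tips above, checking where a link really points and spotting a sender domain that is off by a letter or a digit, can be applied mechanically to an incoming message. The following is an added example written for this page, not code from the original post. It parses an HTML body with Python's standard html.parser, flags anchors whose visible text looks like a URL but whose href leads to a different host, and compares the From domain against a small allowlist using edit distance to catch lookalikes. The allowlist, the sample HTML and the sample domains are constructed for the example; the edit-distance threshold of 2 is a tuning choice, not a standard.

```python
import re
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlparse

# Constructed allowlist of domains this organization expects mail from.
TRUSTED_DOMAINS = {"technology.com", "dropbox.com", "google.com"}

# Constructed sample body: the visible link text says Dropbox, the href does not.
SAMPLE_HTML = """
<p>Dear valued customer,</p>
<p>Your file is ready: <a href="http://file-share-notice.example/open">https://www.dropbox.com/s/report</a></p>
<p><a href="https://technology.com/schedule">View the schedule</a></p>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[Tuple[str, str]] = []
        self._href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url: str) -> str:
    """Registered host of a URL, lower-cased, with a leading www. removed."""
    if "://" not in url:
        url = "http://" + url
    host = (urlparse(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def mismatched_links(html: str) -> List[Tuple[str, str]]:
    """Links whose visible text is itself a URL pointing at a different host
    than the href (the 'mouse over the link' tip, done by a program)."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        if re.match(r"^(https?://|www\.)", text, re.I) and host_of(text) != host_of(href):
            findings.append((text, host_of(href)))
    return findings


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance; small enough inputs that O(len(a)*len(b)) is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_lookalike(domain: str, max_distance: int = 2) -> Optional[str]:
    """The trusted domain that `domain` imitates, or None if it is an exact
    match or not close to any trusted domain."""
    domain = domain.lower()
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in sorted(TRUSTED_DOMAINS):
        if levenshtein(domain, trusted) <= max_distance:
            return trusted
    return None


if __name__ == "__main__":
    for text, real_host in mismatched_links(SAMPLE_HTML):
        print(f"link text {text!r} actually goes to {real_host}")
    for d in ("technology.com", "techno1ogy.com", "dropb0x.com", "unrelated.example"):
        print(f"{d}: lookalike of {sender_lookalike(d)}")
```

Only anchors whose visible text is itself a URL are compared, since text like "View the schedule" gives no expected destination; for those, the tip still applies, but it needs a human reading the hover target.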
“I need better professional IT solutions but I don’t know where to start.”
It’s okay not to know; you are not an IT expert, but you have come to the right place, because we are experts in providing professional IT services.
We would also like to invite you to register for our What Happens After a Cyber Attack live webinar to learn more ways to improve your security posture. Click here to sign up.