Hamilton Information Security Manager, Robert Leonard, shares helpful tips on recognizing common e-mail threats.
With many businesses and teams now working remotely and a surge in day-to-day e-mail traffic, we have seen an increase in potentially hazardous messages hitting inboxes, specifically phishing attacks.
Not long ago, phishing was primarily aimed at the consumer market, and malware was considered the biggest threat to businesses. Today, phishing is the top social attack on businesses, responsible for more than 90 percent of security breaches. Phishing is becoming more sophisticated, and although there are dozens of techniques phishers can use to trick our employees, there are a handful of methods they rely on most.
Here are five things you need to know about phishing:
1) What is Phishing?
Phishing is a type of fraud in which a hacker attempts to gather personal information or credentials by impersonating a legitimate brand and sending users to a malicious website. A common example of this is the “Office 365 phishing attack”:
An employee receives an email that appears to come from Microsoft asking the user to log in to their Office 365 account (examples below). When the user clicks on the link in the email, it takes them to a fake Office 365 login page, where their credentials are “harvested” (captured by the attacker for later use).
[Image: Real Office 365 Page]
2) Email Addresses Can Be Spoofed
Simply reviewing the supposed sender address is not sufficient to trust an email. Cybercriminals have many methods to disguise these messages. They understand how to trick users into thinking a sender is legitimate when the email is, in fact, coming from a malicious source. With display name spoofing, the phisher uses a legitimate company name or address as the displayed sender, such as microsoftsupport@microsoft.com, but the actual address underneath is a random one like xyz@yahoo.com. Display name spoofing is most effective when a user views the email on a mobile device because the sender’s real email address is hidden. Phishers are counting on the fact that most mobile users will not expand the sender’s name to view the email address.
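The mismatch described above can be checked mechanically on the From: header. The following is an added example, not code from the original article; the sample headers are constructed, and the display name is quoted because that is how a mail client would have to encode a name containing an "@".

```python
# Added example (not from the article): flags the display-name spoofing the
# text describes, where the From: display name is itself an address at a
# trusted-looking domain but the real address sits at an unrelated one.
# Sample headers are constructed; the display name is quoted as RFC 5322
# requires when it contains an '@'.
import re
from email.utils import parseaddr

ADDR_RE = re.compile(r"[\w.+-]+@(?:[\w-]+\.)+[A-Za-z]{2,}")


def registrable_domain(address: str) -> str:
    """Last two labels of the address's domain, lower-cased. Naive (no
    public-suffix list, so 'example.co.uk' collapses to 'co.uk'), but
    enough for the samples below."""
    domain = address.rsplit("@", 1)[-1].lower()
    return ".".join(domain.split(".")[-2:])


def check_from_header(header: str) -> dict:
    """Parse a From: header and report whether the display name carries
    an address whose domain differs from the actual sending address."""
    display_name, real_addr = parseaddr(header)
    result = {"display_name": display_name, "address": real_addr,
              "spoofed": False, "reason": ""}
    if not real_addr:
        result["reason"] = "unparseable From: header"
        return result
    match = ADDR_RE.search(display_name)
    if match is None:
        return result                      # no address shown in the name
    shown = registrable_domain(match.group(0))
    actual = registrable_domain(real_addr)
    if shown != actual:
        result["spoofed"] = True
        result["reason"] = f"display name claims {shown}, mail is from {actual}"
    return result


SAMPLE_HEADERS = [
    '"microsoftsupport@microsoft.com" <xyz@yahoo.com>',     # spoofed
    "Microsoft Support <support@microsoft.com>",            # clean
    '"it-helpdesk@example.com" <it-helpdesk@example.com>',  # clean
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        verdict = check_from_header(header)
        print(("SPOOFED " if verdict["spoofed"] else "ok      ") + header,
              verdict["reason"])
```

A display name that is a plain company name ("Microsoft Support") over an unrelated address is not caught by this check; that case still needs the reader to expand the sender and look at the real address.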
3) Subject Lines & Emails May Include Enticing or Threatening Language
Cybercriminals may promise “free iPhones to the first 100 respondents” or threaten that “your credit card will be suspended without immediate action.” Evoking a sense of panic, urgency, or curiosity is a tactic commonly used in phishing scams. Recipients of these emails may feel they need to respond quickly to emails that indicate potential financial loss or that could result in personal or financial gain.
Emails that have an aggressive tone or claim that immediate action must be taken to avoid repercussions should be considered a potential scam. This technique is often used to scare people into giving up confidential information. Two examples of this are phishing emails telling users their critical accounts are locked or that an invoice must be paid to avoid services being suspended.
In some spear phishing attacks, personalized emails from purported colleagues are designed to evoke fear of consequences at work. A classic example of this is an urgent email from a CEO requesting gift cards or a wire transfer. Receiving such a request from a top executive creates pressure for the employee and makes them more likely to respond quickly—without pausing to examine the validity of the message.
4) Attacks Are Becoming More Personal with Deceptive Links
Many phishing attacks of the past were sent in bulk to a large group of users at once, resulting in impersonal greetings. The emails would often address a user with a generic term like “customer,” “employee,” or “patient.” Everyone should be cautious of messages using these generic terms. More and more phishing attempts are now personalized with first names, so it is important to understand that a personalized email is not necessarily a sure sign of a legitimate email. Additionally, employees need to read their emails closely and pay special attention to the links included. Make sure to hover over all links before clicking them to confirm that the destination shown in the pop-up is legitimate. If it is not the website expected, it is likely a phishing attack.
5) An Employee Received a Phishing Email—Now What?
Dealing with the repercussions of a phishing attack is not only time-consuming but also costly. One cavalier click has the potential to compromise an entire network. It is important that everyone works as a team to protect the business. Simply deleting the offending email is not the solution—employees should contact their IT support immediately so that quick and appropriate action can be taken to protect your business’ network.
Wherever our desks are now, maintaining best practices when it comes to e-mail is vital. We are happy to share more information with you about best practices for operational policies and maintaining business in times of transition and troubleshooting.
With over 119 years of experience in the telecommunications and technology industry, Hamilton has the expertise and certified technicians to best serve your business. Our team of technical experts is committed to equipping your business with the IT solutions and services you need.
© 2020 Nedelco, Inc. Hamilton are registered trademarks of Nedelco, Inc. dba Hamilton Telecommunications
Third party trademarks mentioned are property of their respective owners.