How to Identify and Combat Phishing Attacks
Phishing attacks are nearly as old as email itself. As soon as computers became a staple in the business world, there were hackers eager to steal critical business data. But what is a phishing attack, and what can it entail? This post should shed some light on the subject.
How to Identify Phishing Emails
At first glance, a well-crafted phishing email could look like any other. It could match the style of your company’s internal emails, could falsely alert you to “fraudulent purchases” on your personal credit card, or could pretend to be from an online platform or store that you commonly use.
The trick here is that hackers are attempting to get a user to click a link or otherwise provide critical information, including credit card numbers, social security numbers, account login information, or any other identifying information that could be used to break into your systems.
For example, let’s say you get an email that looks like it’s from your workplace’s CRM saying, “Your password will expire within 30 days. Click here to change it.” This email might even get the branding and style right, tricking you into following the link. Once there, the new page could look almost exactly like the login screen you would expect. However, once the username and password are entered, it’s game over. The hackers are in.
Identifying suspected phishing emails really only requires a bit of due diligence. In the case of the password change request, just ask yourself a few questions. Has my CRM ever asked me to change my password before? If yes, has it made the request via an unsolicited email? Have other coworkers received similar requests?
Unless you have specifically solicited information from a coworker or an online service, it is better to double-check before clicking on links in emails. If a user falls into the trap, the consequences could range from a minor annoyance to a full-scale ransomware attack (more on that later).
Conventional Phishing Attacks
Much of the time, phishing attacks are aimed at a wide audience. Only one or a few people need to get caught in the trap for the endeavor to pay off. For this reason, many phishing emails don’t actually appear legitimate to anyone paying close attention.
There may be spelling errors, mistakes in the coloring of falsely branded content, or bad phrasing that is uncharacteristic of professional online services. However, over the course of a busy day at work, a tired but otherwise diligent user might not stop to think about or notice clear signs of fraudulent messages.
All of the cybersecurity technology in the world won’t be effective when the first line of defense, the user, slips up and provides private login information to an unverified third party.
You may be thinking, “I’ve seen phishing emails before… I’d never fall for that.” Hackers know that some more sophisticated users recognize the signs of conventional phishing messages, and they will put in the extra work to fool those users when the potential reward is greater.
Spearphishing attacks occur when a hacker carefully crafts a message for a particular targeted user. This message may include personal information or targeted messaging that would make even an experienced user think, “This can’t possibly be fake.” Again, the key here is that these emails are, by their very nature, unsolicited. If there is something that looks like it came from a coworker or a trusted source and they are asking for information you wouldn’t normally hand out, it’s best just to ask. A simple phone call to your coworker or online service will serve as a definitive phishing email test.
Phishing attacks are more common than ever, even after decades. Learn the warning signs.
The Difference Between Phishing and Ransomware
What could happen if a user fails to detect a phishing email and supplies their information? The malware delivered through phishing takes many forms and, today, one of the most common is ransomware. Ransomware has become something of a hot topic in recent years because of high-profile threats like WannaCry.
If a phishing email is the attack vector, ransomware and other malware are the payloads. When a system is infected with ransomware, some or all critical data is rendered inaccessible (typically by encryption) until a ransom is paid to the attacker. This ransom usually takes the form of Bitcoin or other cryptocurrencies. Often, a deadline is set after which all of your business data will be deleted if the ransom is not paid.
Not only can the ransom itself be expensive, but downtime can take a major toll on your business.
Proper training can be the best method of defense from these sorts of attacks. Virtual Technologies Group can help design workplace policies and provide cybersecurity training to dramatically mitigate the risk of successful phishing attempts. Give us a call today to get started.