Phishing is one of the most common ways that cybercriminals gain access to networks to steal credentials and sensitive data, deploy malware, and conduct ransomware attacks. Phishing is most commonly conducted via email and uses deception and ‘social engineering’ to trick people into disclosing sensitive information or running code that downloads malicious software.
Phishing emails often impersonate trusted individuals or companies. The email addresses used to send these messages can appear legitimate, and the messages often include the logos and layouts of the genuine communications they spoof. The emails often include a hyperlink to a website where credentials are harvested. The online component of the phishing scam similarly spoofs a trusted entity and, in many campaigns, it is difficult to distinguish the phishing website from the genuine site being spoofed.
Phishing attacks are increasing and for one very simple reason. They work. Not only do these messages fool huge numbers of people, they are also easy to conduct and there is little risk of phishers being caught. Even the Italian mafia and other organized crime operations have adopted phishing in addition to the standard protection rackets as a way to rake in money. This week, Europol announced it broke up an organized crime gang with links to the Italian mafia which had raked in €10 million in revenue from phishing and other online fraud scams in the past year.
Phishing Lures are Constantly Changing
The lures used in phishing scams are constantly evolving. While standard phishing campaigns involving fake invoices and resumes, missed deliveries, and fake account charge notifications are regularly used, topical lures related to news stories and COVID-19 are also thrown in into the mix. The lures may change, but there are commonalities with these phishing scams that individuals should be able to recognize.
Phishing scams attempt to get the recipient to take a specific action, such as visit a link in the email or open an email attachment. There is usually a sense of urgency to get recipients to take prompt action, such as a threat of account closure or potential legal action. While suspicions may be raised by these messages, many people still take the requested action, either through fear of missing out or fear of negative repercussions if no action is taken.
It is best to adopt a mindset where every email received is potentially a phishing scam, and any request suggested in an email could well be a scam. Any email received that threatens account closure if no action is taken can easily be checked for legitimacy by logging in to the account via a web browser (never use the links in the email). If there is an unauthorized charge or a problem with the account, this will be clear when you login.
If you receive a message from a company stating there is an unpaid invoice or an order has been made that is not recognized, search for the company online and use trusted contact information to verify the legitimacy of the email.
If you receive an email from your IT team telling you to install a program or take another action that seems suspicious, give the support desk a call to verify the legitimacy of the request.
Links in emails are the most common way to direct people to phishing webpages. You should always hover your mouse arrow over the link to check the true destination, and if the URL is not on an official domain, do not click.
Common Phishing Lures You Should be Aware Of
- An email about a charge that has been applied to your account that has been flagged as suspicious and requires you to login to block the charge
- An email threatening imminent account closure or loss of service if you do not take immediate action to correct the issue
- An email from law enforcement threatening arrest or legal action for a crime you are alleged to have committed
- An email from the IRS or another tax authority offering a refund as you have overpaid tax, or legal action over nonpayment of tax
- An email with an invoice for a product or service you have not purchased
- An email telling you malware has been detected on your computer that requires a software download to remove it
- An email with a link that requires you to provide credentials to view content or confirm your identify by verifying your credit/debit card number.
If you receive any message, the important thing is to stop and think before taking any action and to carefully assess the legitimacy of the request.
Spam Software will Block the Majority of Phishing Emails
One of the best ways that businesses can improve email security is to implement an advanced spam filtering solution. SpamTitan provides protection against phishing and other malicious emails using a wide range of tools that include machine-learning to identify suspicious messages, sandboxing, dual anti-virus engines, greylisting, and malicious link detection mechanisms. SpamTitan will ensure that malicious messages are not delivered to end users where they can be clicked. When combined with security awareness training to teach cybersecurity best practices, businesses can mount a formidable defense against phishers.
To find out more about how you can protect against phishing and other malicious emails, give the TitanHQ team a call. SpamTitan is available on a free trial, product demonstrations can be arranged on request, and you may be surprised to discover how little it costs to improve protection against all types of email attacks.