With more businesses functioning online, exposure to computers and the Internet has increased manifold. Thus, you have cybercriminals growing in number as well. Hackers are becoming more intelligent than before. However, phishing is still the top threat among all breaches analyzed over the past one year. Therefore, it has become imperative for business organizations to know about phishing and phishing protection methods to apply to prevent them.
We shall now talk about some of the common types of phishing and see how organizations can defend themselves against them.
Emails appear to originate from a recognized sender.
Steals data by impersonating a genuine provider.
In this type of phishing, the cybercriminals impersonate a legitimate provider to steal personal information such as credit card details or login credentials of financial institutions. One example of such deceptive phishing is that of PayPal scammers.
Hackers send out emails to recipients to click on a link to ‘rectify specific discrepancy’ in their accounts. However, the link directs the recipients to a fake PayPal Login Page that the hacker uses to steal info. As a user, one should verify all the URLs carefully and look for spelling mistakes, grammatical errors, or generic salutations, and be vigilant to tackle such phishing attempts.
Spear Phishing
Characteristics of spear phishing:
Commonly observed on social media sites.
The email looks like it originates from a known sender.
Uses personalized info about the target.
As the name suggests, spear phishing is targeted-phishing. The hacker collects the target’s name, email id, organization details, work phone number, and other crucial information. The objective is to trick the target into believing that they have a connection with the sender. The hacker aims to trick the target into clicking on a spurious link or download a malicious attachment through which he/she attempts to steal personal information. One can observe such spear-phishing in social media sites like LinkedIn, where it is easy to collect information and craft a targeted attack email.
The best phishing protection methods to employ to guard against spear-phishing are:
Be careful when sharing sensitive private information with people
An automated email-analyzing solution to identify such phishing emails is the best investment to make.
CEO Fraud
Characteristics of CEO Frauds:
It usually targets top-level executives.
The objective is to authorize fraudulent financial transactions.
Obtain crucial tax info on all employees.
The modus operandi of the cybercriminals is simple in this type of phishing attack. They try to get hold of the login details of a top enterprise executive. In doing so, the hackers impersonate the CEO or high-ranking official to authorize the financial transactions of the business organization. The criminals also use the same email account to request the taxation or W-2 information of all employees. This information has a high demand on the dark web.
Usually, you do not see high-ranking officials or CEOs participating in the employee phishing awareness programs. Hence, it becomes easy for hackers to target this exclusive group. Here are some phishing protection methods to counter such threats.
Ensure that the top-ranked executives take part in phishing awareness training programs so that they do not become vulnerable targets.
Make sure that the business organization adopts multi-level authentication for authorizing financial transactions.
Pharming
As a result of business organizations adopting phishing awareness programs and the like, the awareness levels of the employees are now high. Hence, it has become challenging for cybercriminals to choose the traditional phishing scams. Therefore, they resort to a new type of phishing known as pharming.
Characteristics of pharming:
Redirect the victim to a malicious website.
Change the IP address associated with a specific website.
Leverage cache-poisoning against DNS servers.
The Internet uses the Domain Name System to convert alphabetical websites to a numerical form to locate and direct visitors easily. The DNS cache poisoning attack entails the hacker targeting a DNS server and changes the IP address associated with the alphabetical name of the website. Thus, the cybercriminal redirects users to a malicious website of their choice. The problem with pharming is that the victim experiences the same issue even when he/she enters the correct site name instead of clicking on the link.
Use only HTTPS-protected websites as far as possible.
Have an updated anti-virus software solution installed on your computer networks.
Ensure to update your security patches regularly.
We have discussed four innovative methods of phishing adopted by cybercriminals all over the world and examined the phishing protection methods that one should use to tackle such phishing attempts. Ultimately, it boils down to two aspects:
Have up to date security systems installed on your computers.
Increase your awareness levels and be vigilant at all times.
These are the most straightforward phishing protection methods you can employ at all times.
GDPR, or General Data Protection Regulation, is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It’s a law that gives control of people’s personal data back to the people. It includes the right to see all the data a company has on you, as well as the “right to be forgotten.” In other words, a company that is covered by the GDPR has to delete your personal data at your request.
The one thing you could always count on with a phishing page is that something would give it away as a phishing page. After all, it’s not the real page, so there must be something different about it. Protecting yourself from a phishing attack simply came down to being able to identify the clue that gave away the web page as a phishing page. But what if attackers could find a way to phish you with the legitimate page you actually intend to visit? There wouldn’t be any clues giving it away as a fake page because it isn’t. That would be a problem, and unfortunately that problem has become reality.
The first wave of pandemic-related phishing attacks targeted vulnerable employees and consumers. There wereattacks that used home delivery services andattacks that used travel-related services. There wereattacks on spoofed resumes andattacks on the SBA’s Office of Disaster Assistance. Now hackers have moved on to the gainfully employed by attacking the virtual private networks (VPN) that remote workers use to connect to the office while working remotely.
Let’s face it, hackers do whatever they can to get you to click on their link. And they have a lot of tools in their toolbox to get you to click. Everything from social engineering to display name spoofing to domain name spoofing. It’s all to get you to do one thing: click the link.
The US Small Business Administration (SBA) does the important work of supporting small businesses in the US. They provide a lot of resources, but none more important than small business loans. And with the onset of COVID-19, the organization has come up with unprecedented emergency financial relief options for small businesses. And of course, with that much money being made available, it was only a matter of time before hackers tried to get their hands on it.
The latest Threat Intelligence Report is out. Its findings are based on an analysis of 195 billion emails analyzed from January through June 2020. Of that large number, an astonishing 47% were flagged as malicious or spam.
It won’t come as a shock to learn that there were two main themes in the threatening emails this spring. According to HelpNetSecurity, “Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries.” From the report, “One of the most significant observations of this research is that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes never seen before.”
It’s 2020, which means it’s time for another Presidential election in the U.S. The big question is, who will win? But an even bigger question is, will we be able to trust the outcome? There are evil forces out there who’d love nothing better than to manipulate the outcome of the election for their own purposes. And what way are they most likely to do that? Through phishing, of course.
If you take an email security awareness training class, you’ll learn a dozen ways to spot phishing email. There are a lot of clues. Maybe the email contains poor spelling or grammar. Or maybe it contains an offer that’s just too good to be true. All of those are giveaways. But there is one clue that’s a more reliable predictor of a phishing email than any other one: the “from” address. If you truly know who the email is from, you’ll know whether or not it’s legitimate.
There are a lot of companies that depend on their employees to stop phishing attacks. In effect, their employees are their last line of defense. Seeing as how the cost of phishing attacks is now in the tens of billions of dollars per year (nobody knows the exact amount since victims are so reluctant to come forward), it seems like the employees stopping phishing attacks thing isn’t working too well. And now we know why.
Most phishing attacks are pretty straight forward. You receive an email that convinces you to log into some website you’re familiar with. But, it’s just a convincing looking replica of the website and what you’re really doing is entering your credentials into a bogus site. Once you do that, the bad guys have your credentials, and depending on which ones, they can create a whole lot of havoc for you.
For the longest time, the number one delivery mechanism for ransomware was a phishing email. As much as 91% of ransomware was delivered that way. And then things changed.
According to an article on ZDNet, “in recent years, attackers have successfully pivoted to using remote ports, insecure public-facing servers and other vulnerabilities in enterprise networks to encrypt entire networks – often demanding hundreds of thousands of dollars in payment to release the data again.”
What’s more dangerous than a phishing attack that uses a social engineering tactic to get you to click? How about a phishing attack that uses a combination of TWO social engineering tactics to get you to click? And that’s exactly what was detected this week according to InfoSecurity Magazine.
In this case, the two social engineering tactics are phishers hiding COVID-19 malware in both CVs (curriculum vitae or resumes) AND medical leave forms. According to the article, “Cyber-criminals are taking advantage of the evolving jobs market and employee health situation under COVID-19 to disguise malware in various emailed documents. The phishing campaigns spotted center around spoofed CVs and medical leave forms.”
If your organization is the unfortunate victim of a phishing attack that leads to ransomware, you have a very important decision to make. Should you pay the ransom or not? The answer depends in large part on how much the ransom is. Hackers are smart not to ask for so much ransom that not paying it seems like the best alternative.
I hope to never receive an email from the United States Supreme Court. It couldn’t possibly be good news. I would be very suspicious. But there is one small group of people who, if they received such an email, might not be suspicious: C-suite executives. And that’s exactly what some hackers thought as they targeted such individuals with a zero-day credential phishing attack impersonating the Supreme Court.
One of the ways the world has responded to the COVID-19 pandemic is to take a lot of the entertainment we used to enjoy live and in person and move it online into the world of virtual entertainment. The entertainment is still live, but now instead of watching musicians in a bar or theater, you get to watch them live streamed on your smart TV or mobile phone. The hackers know this, and they are aiming to do something about it.
The COVID-19 worldwide lockdown has had many side effects, not the least of which is that people are doing even more online shopping now. Weekly online purchases now include staples like food and cleaning products. Amazon’s sales since the pandemic arrived is up 35%. And what’s the one thing all these online sales have in common? A delivery service has to bring them to your door.
Hackers are always trying to come up with ever more enticing lures to phish you. Sometimes the lure is the promise of riches, while other times it’s a job opportunity or tax refund. Hackers may have outdone themselves this time with separate phishing attacks centered around fast food and free beer as a direct result of the COVID-19 pandemic.
Even when something as horrible as COVID-19 happens, there are some companies that benefit. One of the beneficiaries of the virus is Zoom Video, the video conferencing company that has seen a huge demand increase for their product.
Another, less obvious company, that has seen an increased demand for their service is Netflix. Recent stats display that as the COVID-19 crisis gripped nations throughout the world, Google searches for Netflix jumped to 142%. And sure enough, just as the demand goes up, so too do the number of phishing attacks targeting the company’s customers (and potential customers).
You have to hand it to those hackers. If there’s a way to trick you with a phishing email, they’ll figure it out. One of the best ways hackers try to trick you with a phishing email is to take advantage of the way web pages are rendered.
Web pages use HTML (hypertext markup language) and CSS (cascading style sheets) to display web pages on your computer and your mobile phone. These technologies are well-understood and have been around for a long time. One of the things that makes these technologies so powerful is how flexible they are.
While the pandemic known as COVID-19 is causing a dramatic increase in coronavirus-themed phishing attacks, it’s strangely having the opposite effect on other phishing attacks.
When it comes to phishing attacks, hackers tend to “specialize” in a certain type of phishing attack. And as things turn out, some of these “specialists” are really feeling the pinch from COVID-19. A lot of people are struggling in this economy, and apparently some of them are bad guys.