Email Checklist: Is It A Phishing Attack?

May 30, 2020

More than half of phishing attack emails contain malicious links. Furthermore, approximately one-third of all phishing attack emails manage to bypass default security methods.

So how do you determine if an email you’ve received is a phishing attack?

Sure, sometimes it’s obvious. But as cybercriminals continue to evolve and become more sophisticated, their phishing attack emails are becoming more convincing than ever before.

Here’s a complete checklist to go through when you receive a suspicious email:

An Overly Generic Greeting
More often than not, phishing emails are sent out to a massive list rather than one individual.

This means they’ll often contain generic greetings, such as “dear customer” or “dear member” whereas a legitimate source, such as your bank or a government organization, would probably address you by name.

A Request to Update or Verify Information
If the email contains some sort of request to update or verify your information, it’s likely a phishing email. No legitimate source will ask you to update or verify sensitive information over the internet. Chances are, they will call you or wait until you’re in the store/at the bank to go over this request with you.

A Lack of a Domain Address
Aside from looking at the name and company information, don’t forget to double check their domain address.

Hover your mouse over the “from” address to see if there is a legitimate domain or not. For instance, they may have !IRA.com instead of IRA.com. However, this isn’t always foolproof and it’s important to check for other signs too.

Grammar and/or Spelling Errors
Large organizations tend to spell check their email content carefully – meaning it’s not very common to find grammar and/or spelling errors throughout emails from your bank, government entities and other legitimate sources. Pay close attention to the grammar and/or spelling in the email.

A Sense of Urgency
If something is urgent, a legitimate source will typically call you or send you a piece of direct mail.

Cybercriminals tend to create a sense of urgency, such as “if you don’t respond, your account will be canceled” or “if you don’t pay the attached invoice, you
will be charged interest and it will go to collections.”

An Unsolicited Attachment
As a general rule, if the email contains an unsolicited attachment from an unknown sender or an unsolicited attachment that seems out of place from a sender you do know, don’t open it.

Typically, legitimate sources don’t randomly send emails with attachments. Instead, they will direct you to download something directly from their website.

Suspicious Links
Before you click on a link, hover over it to see where the link is actually going to take you. Often, cybercriminals will make it appear as though the link is going to a legitimate place, but once you’ve hovered over it, you’ll find that it’s taking you to somewhere else entirely. Always hover over any links before clicking them.

Filed Under: Phishing Tagged With:

How To Protect Your Business From Phishing And Spearphishing

December 10, 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

One of the best ways to protect your business against these types of attacks is by educating your employees on the methods these criminals exploit to gain access to your employees and your sensitive information. But beyond that, there are some methods you can use in conjunction with education to help protect your business.

Pre-delivery
Using filters can help prevent malicious emails from reaching your employees’ inbox and is effective for preventing indiscriminate attacks but not targeted ones.

More useful, however, are solutions that not only filter emails before reaching the inbox but incorporating virus scanners, real-time intent analysis, reputation checks, URL checkers, and other assessments before any email reaching your employee. We have an offering that can help you prevent an attack before it even starts. [Read more…]

Filed Under: Online Security, Phishing Tagged With: ,

How To Protect Your Business From SHTML Phishing

October 1, 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Data security is vital to any business. Learn how SHTML phishing works and how to minimize the risk of your data falling into the hands of attackers.

Email phishing has been in the playbook of hackers since, well, email. What’s alarming is the scope in which criminals can conduct these attacks, the amount of data potentially at risk, and how vulnerable many businesses are to phishing attempts.

Here’s what you need to know to spot the hook and protect your data from being reeled in.

How Does Email Phishing Work?
A phishing email typically contains an attachment in the form of a server-parsed HTML (SHTML) file.

When opened, these shady files redirect the user to a malicious website often disguised as a legitimate product or service provider. [Read more…]

Filed Under: Phishing Tagged With: ,

Top Concern For Small Businesses? Cybersecurity

August 22, 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

While some might assume that fear of an economic recession would be at the top of the list of key issues small business owners concern themselves with, a recent survey found that another issue is of much greater concern: Cybersecurity.

This is no surprise.

For the past several years, cybercrimes and data breaches among companies large and small, governments, and even individual citizens have risen drastically.

While it’s true that many business owners still assume a data breach at their own company is highly unlikely, with the ultimate price tag of such attacks ramping up to the millions of dollars (and recovery being hardly successful), it makes sense that companies are taking notice.
[Read more…]

Filed Under: Phishing, Vulnerability Tagged With: , , , ,

How To Save Your Business From Phishing Scams

July 31, 2019

Workplaces today are filled with computers and machines, but just as these workstations optimize efficiency and profit, they also increase the possibility of attacks designed to steal, destroy, or corrupt your data through the use of malicious programs.

The most probable avenue for these malicious programs is through phishing scams. To understand how to stop these attacks, you must first understand what a phishing scam entails.

A phishing scam is an attempt for someone to steal sensitive information or install malware onto your PC by tricking you into clicking a link, opening an attachment, or providing personal information.

Although these attacks use tactics that trick people every day, you can stay safe by staying smart. Through time and practice, it can become easy to spot a phishing attack and keep your PC and personal information safe.

If you receive an email containing a threatening message, usually one demanding immediate action, it is probably a phishing scam. Most of these messages try to trick users into clicking a link or opening an attachment with threatening messages like, “Your account has been compromised! You are no longer protected! Click here to protect your account!”

Once you click the link, though, you are redirected to a phishing site.

Another example may be what seems to be an email from your boss’ boss demanding sensitive information to complete company documentation. Always beware when you see a threatening or demanding message.

Another indicator of a phishing scam is an unfamiliar email address or domain name. Some scammers may use domain names or email addresses similar to your normal contacts, but they will never be the same. If you notice an inconsistency, report the email.

Phishing scams can also normally be identified by the sender’s grammar skills. Here is an example from a phishing email: “Click here to cancel this request, else your öffice 365 accöunt…” Terrible grammar and unfamiliar characters as shown here are indicators of a scam.

Lastly, be wary of any request for any type of personal or sensitive information whatsoever, even if it initially seems to be from a trustworthy source.

Even if it does not show any other signs of being a phishing scam, always double and triple-check the authenticity of the request.

If you do stumble across a phishing scam, your best course of action would be to delete the email in question without opening any attachments or clicking any links.

In addition, you should report the incident to your superior or your IT service provider. If a phishing attack happened to you, it can happen to your coworkers as well.

Giving sensitive company information away to a scammer is the last way you want to start your week.

Their tactics are always changing, so the best way to fight attacks like these is through education and awareness rather than programs or filters. Remember the red flags of a phishing scam, and you will have no problem keeping your business safe and secure.

Filed Under: Online Security, Phishing Tagged With: ,

What Are The Newest Phishing Attacks?

June 27, 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Phishing is a term adapted from the word “fishing.” When we go fishing, we put a line in the water with bait on it, and we sit back and wait for the fish to come along and take the bait. Maybe the fish was hungry. Perhaps it just wasn’t paying attention. At any rate, eventually a fish will bite, and you’ll have something delicious for dinner.

How Does Phishing Work?
This is essentially how cyber phishing works. Cybercriminals create an interesting email, maybe saying that you’ve won a $100 gift certificate from Amazon. Sound too good to be true? Find out! All you have to do is click the link and take a short survey.

Once you click the link, a virus is downloaded onto your system. Sometimes it’s malware, and sometimes it’s ransomware. Malware includes Trojans, worms, spyware, and adware. These malicious programs each have different goals, but all are destructive and aimed at harming your computers. [Read more…]

Filed Under: Online Security, Phishing, Security Tagged With: , , ,

New Whaling Schemes: CEO Fraud Continues To Grow

June 7, 2019

In previous years, the first clue that your corporate email has been compromised would be a poorly-spelled and grammatically incorrect email message asking you to send thousands of dollars overseas.

While annoying, it was pretty easy to train staff members to see these as fraud and report the emails. Today’s cybercriminals are much more tech-savvy and sophisticated in their messaging, sending emails that purport to be from top executives in your organization, making a seemingly-reasonable request for you to transfer funds to them as they travel.

It’s much more likely that well-meaning financial managers will bite at this phishing scheme, making CEO and CFO fraud one of the fastest-growing ways for cybercriminals to defraud organizations of thousands of dollars at a time.

Here’s how to spot these so-called whaling schemes that target the “big fish” at an organization using social engineering and other advanced targeting mechanisms.

What Are Whaling Attacks?

Phishing emails are often a bit more basic, in that they may be targeted to any individual in the organization and ask for a limited amount of funds.

Whaling emails, on the other hand, are definitely going for the big haul, as they attempt to spoof the email address of the sender and aim pointed attacks based on information gathered from LinkedIn, corporate websites and social media.

This more sophisticated type of attack is more likely to trick people into wiring funds or passing along PII (Personally Identifiable Information) that can then be sold on the black market. Few industries are safe from this type of cyberattack, while larger and geographically dispersed organizations are more likely to become easy targets.

The Dangers of Whaling Emails

What is particularly troubling about this type of email is that they show an intimate knowledge of your organization and your operating principles. This could include everything from targeting exactly the individual who is most likely to respond to a financial request from their CEO to compromising the legitimate email accounts of your organization.

You may think that a reasonably alert finance or accounting manager would be able to see through this type of request, but the level of sophistication involved in these emails continues to grow. Scammers include insider information to make the emails look even more realistic, especially for globe-trotting CEOs who regularly need an infusion of cash from the home office.

According to Kaspersky, no one is really safe from these attacks — even the famed toy maker Mattel fell to the tactics of a fraudster to the tune of $3 million. The Snapchat human resources department also fell prey to scammers, only they were after personal information on current and past employees.

How Do You Protect Your Organization From Advanced Phishing Attacks?

The primary method of protection is ongoing education of staff at all levels of the organization. Some phishing or whaling attacks are easier to interpret than others and could include simple cues that something isn’t quite right. Here are some ways that you can potentially avoid phishing attacks:

  • Train staff to be on the lookout for fake (spoofed) email addresses or names. Show individuals how to hover over the email address and look closely to ensure that the domain name is spelled correctly.
  • Encourage individuals in a position of leadership to limit their social media presence and avoid sharing personal information online such as anniversaries, birthdays, promotions and relationships — all information that can be leveraged to add sophistication to an attack.
  • Deploy anti-phishing software that includes options such as link validation and URL screening.
  • Create internal best practices that include a secondary level of validation when large sums of money or sensitive information is requested. This can be as simple as a phone call to a company-owned phone to validate that the request is legitimate.
  • Request that your technology department or managed services provider add a flag to all emails that come from outside your corporate domain. That way, users can be trained to be wary of anything that appears to be internal to the organization, yet has that “external” flag.

There are no hard and fast rules that guarantee your organization will not be the victim of a phishing attack. However, ongoing education and strict security processes and procedures are two of the best ways to help keep your company’s finances — and personal information — safe from cyberattack.

Filed Under: Online Security, Phishing Tagged With: ,

Inside The Anatomy Of The Human Firewall

March 28, 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Each year, around 61% of small businesses become the victims of a malware attack. While many small businesses may think no one would ever come after them because of their size, know that over half of the total global attacks hit small businesses and, for thieves, getting access to your systems is becoming increasingly lucrative.

Companies collect more about customers than ever before: medical history, financial records, consumer preferences, payment information, and other confidential information.

Some of this information could be used in malicious ways to either harm your business or directly harm the customers, so we all understand that we must protect it from cyberattacks.

Creating a human firewall is the best way to keep your system and data safe, but what exactly is a human firewall, why do you need one, and how can you build one? Let’s take a look! [Read more…]

Filed Under: Firewalls, Online Security, Phishing Tagged With: , ,

Researchers Turning To Algorithms To Combat Phishing

September 26, 2018

Chris Myers is a field service technician for Tech Experts.

Phishing is a type of social engineering attack used to steal user information such as login credentials, bank account information, or credit card numbers. The most commonly seen phishing attack is when an attacker, posing as a legitimate source, tricks a victim into clicking on a malicious link in an email. Once clicked, the link installs malware on the user’s computer and possibly gives the attacker access to other devices on the same network.

Often, the link opens a website owned by the attacker, specifically designed to look like a normal login or account validation page. However, when users enter their information into this website, all they are doing is giving that information directly to the attacker.

Phishing emails have been around since the dawn of the Internet, even having a paper and presentation discussing their use at the 1987 conference for the International HP Users Group, “Interex.”

While the basic premise hasn’t changed since then, attackers have had decades to improve their technique and automated delivery systems.

A New Defense
Jeremy Richards of the mobile device security company Lookout has been developing a novel solution to this problem. Lookout records the network traffic of over 60 million mobile applications and, as such, has a large amount of real-time data it can analyze.

After manually tracking phishing websites through this network, Richards discovered many telltale digital signs of phishing websites. He started creating tools to assist in this detection, but those quickly evolved into their own automated search engine.

The program now goes through several steps to algorithmically narrow down and positively identify malicious websites. For example, the program will check new domains (website addresses) for misspellings of technology or financial companies, or special characters used in place of normal lettering.

Once it spots a suspicious website, it will take a screenshot of the homepage and then automatically search for the logos of thousands of companies. Phishing websites almost always try to look official by using the actual logos from companies like Apple, Microsoft, and Google.

Once a site is confirmed to be malicious, Lookout can report them to the authorities, download the specific phishing code used by the attackers, then look for that code in future scans to find additional websites.

As phishing attacks occur with increasing frequency, these automated solutions will be necessary for us to stand any chance at stemming the tide of cybercrime.

How To Spot Phishing Emails
Here are some common characteristics of phishing emails that you can identify:

Poor grammar – Since most emails aren’t composed by native English speakers, they usually contain many grammar, spelling, and capitalization mistakes, along with unusual phrasing.

Generic or informal greetings – If a message doesn’t address you by name, it’s another sign that it is from an unknown attacker.

Sense of urgency – Most phishing emails want you to rush through the message and click on a link without looking at it too closely.

Hyperlinks – Hover over any links to make sure they go where they say they are going.

Attachments – Many phishing emails will include malware in attachments.

Unusual sender – If it’s from someone you don’t know, pay extra attention to the contents.

Filed Under: Phishing Tagged With:

Google Study Reveals Phishing Attacks Are The Biggest Threat To Web Security

June 26, 2018

A recent study by Google and UC Berkeley suggests that cyber thieves are successfully stealing 250,000 valid usernames and passwords every week.

The study, which was based on 12 months of login and account data that was found on criminal websites and forums, aimed to ascertain how the data had been hacked and the actions that can be employed to avoid criminal activity in the future.

Google claims the research is vital for developing an understanding of how people fall victim to scammers and hackers and will help to secure online accounts.

The research found that, over a 12-month period, keyloggers (programs that monitor every keystroke that someone make on a computer) stole 788,000 account credentials, 12 million were harvested via phishing (emails or phone calls that con people into handing over confidential data), and an incredible 1.9 billion were from breaches of company data. The study found the most productive attacks for cyber-thieves came from phishing and keylogging. In fact, in 12%-15% of cases, the fraudsters even obtained users’ passwords.

Malicious hackers had the most success with phishing and were able to pick up about 234,000 valid usernames and passwords every week, followed by keyloggers who managed to steal 15,000 valid account details per week.

Hackers will also look to gather additional data that could be useful in breaching security measures, such as the user’s Internet address (IP), the device being used (Android versus Apple) and the physical location. Gathering this data, however, proved far harder for those with malign intent.

Of the people whose credentials were secured, only 3.8% also had their IP address identified, and less than 0.001% had their detailed device information compromised.

Google said in a follow-up blog post that the research would be used to improve the way it detects and blocks attempts to misappropriate accounts.

Historical data of the physical location where users logged on and the devices they used will increasingly be used as part of a range of resources that users can use to secure their accounts.

The research, however, did acknowledge that the account hacking problem was ‘multi-pronged’ and would require countermeasures across a number of areas including corporate networks.

Education of users is set to become a ‘major initiative’ as the research also revealed that only 3.1% of people whose account had been hijacked subsequently started using enhanced security measures such as two-step authentication (Google authenticator or a similar service) after control of a stolen account was regained.

Filed Under: Online Security, Phishing Tagged With: ,
Next Page »