Phishing refers to any attempt to obtain sensitive information such as usernames, passwords, or banking details, often for malicious reasons, by impersonating a trustworthy entity in an electronic communication. Phishing is a social engineering technique: rather than attacking the network directly, it misleads the user, who is usually the weakest point in a security design. Various attempts have been made to control the increase in reported phishing cases, including legislation, employee and general user training, public education, and standardized network security protocols.
Phishing is typically carried out by direct digital communication. An attack will often direct users to enter sensitive information at a fake website whose look and feel match the legitimate site. Messages claiming to originate from social media, auction or retail sites, financial institutions, or network and IT administrators are used to trap users. Phishing emails may also contain links that deliver malware, further compromising the victim’s system.
In addition to standard phishing techniques, specific types of phishing can be used to accomplish various objectives.
- Spear Phishing: An email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Attackers usually gather personal information about the intended target to increase their chance of success.
- Clone Phishing: An authentic, previously delivered email has its content and recipient address copied and used to build an identical or cloned message. Any real attachments or links in the original are replaced with malicious versions, and the clone is sent from a spoofed address; because the victim has already seen the genuine original, the copy is readily trusted.
- Whaling: A phishing attack crafted to target a senior executive based on that person’s role in the company. The content of a whaling email is often framed as a legal subpoena, customer complaint, or executive issue, and is designed to masquerade as a critical business email sent from a legitimate business authority.
- Phishing attempts most often begin with an email that tries to obtain sensitive information through some user interaction, such as clicking a malicious link or opening an infected attachment.
- Through link manipulation, an email may present links that spoof legitimate URLs; manipulated links may feature subtle misspellings of a well-known domain, or place a trusted brand name in a subdomain of a domain the attacker controls.
- Using covert redirection, attackers abuse a flaw in a legitimate website, such as an open redirect or an injected pop-up dialogue, so that a link which genuinely points at the trusted site still lands the user on a phishing page.
- Infected attachments, such as executables, macro-enabled Microsoft Office files, and PDF documents, can install ransomware or other malware.
- Phishing scams can also employ phone calls, text messages, and social media messages to trick victims into providing sensitive information.
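As an added example, not code from the original page, the following Python script applies the attachment checks described above to a constructed MIME message: it flags executable and macro-enabled extensions, double extensions such as invoice.pdf.exe, a Windows executable hiding under a document name (recognised by its MZ header), and PDFs carrying auto-run content. The extension lists and the sample message are assumptions made for the example.

```python
import email
from email import policy
from email.message import EmailMessage

# Policy lists are assumptions for this example; a gateway would maintain its own.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "ps1",
                   "hta", "jar", "msi", "lnk"}
MACRO_OFFICE_EXTS = {"docm", "xlsm", "pptm"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx", "txt",
                 "jpg", "png"}


def inspect_attachment(filename, data):
    """Return the reasons an attachment looks dangerous (empty list = nothing found)."""
    reasons = []
    name = (filename or "").lower()
    parts = name.split(".")
    ext = parts[-1] if len(parts) > 1 else ""

    if ext in EXECUTABLE_EXTS:
        reasons.append(f"executable extension .{ext}")
    if ext in MACRO_OFFICE_EXTS:
        reasons.append(f"macro-enabled Office document .{ext}")
    # "invoice.pdf.exe" displays as "invoice.pdf" when the OS hides known extensions.
    if len(parts) > 2 and parts[-2] in DOCUMENT_EXTS and ext not in DOCUMENT_EXTS:
        reasons.append("double extension hides the real file type")
    # Sniff the content: a Windows PE file starts with "MZ" whatever it is called.
    if data[:2] == b"MZ":
        reasons.append("content is a Windows executable (MZ header)")
    # A PDF that runs something when opened is a classic malware dropper.
    if data[:4] == b"%PDF" and (b"/JavaScript" in data or b"/OpenAction" in data):
        reasons.append("PDF carries active content (/JavaScript or /OpenAction)")
    return reasons


def scan_message(raw_bytes):
    """Parse a raw RFC 5322 message and inspect every attachment part."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename()
        data = part.get_payload(decode=True) or b""
        findings.append((filename, inspect_attachment(filename, data)))
    return findings


def build_sample_message():
    """Constructed sample: an 'invoice' mail carrying four attachments of varying risk."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "victim@example.net"
    msg["Subject"] = "Invoice overdue - action required"
    msg.set_content("Please see the attached invoice.")
    # PE stub named to look like a PDF.
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    # PE stub with an innocent document name: only content sniffing catches this one.
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="application",
                       subtype="octet-stream", filename="report.docx")
    # Minimal PDF skeleton with an auto-run action.
    msg.add_attachment(b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 2 0 R >>",
                       maintype="application", subtype="pdf", filename="statement.pdf")
    msg.add_attachment("Meeting notes", subtype="plain", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample_message()):
        print(f"{name}: {'; '.join(reasons) if reasons else 'no findings'}")
```

The second attachment is the instructive case: its name passes every extension rule, and only looking at the bytes reveals the executable, which is why a gateway should never trust the filename or the declared Content-Type alone.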
Common Features Of Phishing Emails
When dealing with web security, it’s important to be able to recognize the most common aspects of a phishing attack. A phishing attack only succeeds when a user acts on the message, so teaching users to avoid the major pitfalls removes much of the risk to a business.
- Dramatic Statements: Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim that the target has won a phone, a lottery, or some other lavish prize.
- Urgency: A common tactic among cybercriminals is to ask the victim to act quickly before an opportunity ends. Most reputable organizations give ample notice before they terminate an account, and they never ask their users to confirm credentials or personal details by following a link in an email.
- Hyperlinks: A link may not be all it appears to be. Hovering over a link shows the actual URL, which could be totally unrelated to the link text. Sometimes a link appears to point to a safe website but with slightly altered spelling, for example the digit “1” replacing a lowercase “l”.
- Attachments: Unexpected attachments in emails should be treated with suspicion. They often carry payloads such as ransomware or other malware.
- Unusual Sender: Low-level spam is often sent from unknown or suspicious-looking addresses. When an email arrives from someone you do not know and the request seems out of place, do not respond in haste, if at all.
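As an added example that is not part of the original page, here is a Python script applying the link checks from the two lists above (link text that shows one URL while the href goes elsewhere, look-alike spellings such as a “1” for an “l”, and a trusted brand buried in a subdomain of an unrelated domain) to a constructed HTML email body. The trusted-domain set, the confusable-character table and the sample HTML are assumptions for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the domains this organisation's users legitimately deal with.
TRUSTED_DOMAINS = {"paypal.com", "example-bank.com"}
# Assumption: character swaps commonly used to build look-alike domains.
CONFUSABLES = {"1": "l", "0": "o", "rn": "m", "vv": "w"}


def registrable(host):
    """Crude eTLD+1 (last two labels); a real deployment would use the public suffix list."""
    labels = host.lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def deconfuse(host):
    """Map look-alike characters to the letters they imitate."""
    for fake, real in CONFUSABLES.items():
        host = host.replace(fake, real)
    return host


class AnchorExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze_link(href, text):
    """Return the reasons a link looks like phishing (empty list = nothing found)."""
    reasons = []
    host = (urlparse(href).hostname or "").lower()
    target = registrable(host)

    # 1. The visible text is itself a URL, but it points somewhere other than the href.
    shown = re.search(r"https?://([^/\s]+)", text)
    if shown and registrable(shown.group(1)) != target:
        reasons.append(f"text shows {registrable(shown.group(1))} but link goes to {target}")

    # 2. Look-alike spelling of a trusted domain ("paypa1.com").
    lookalike = registrable(deconfuse(host))
    if target not in TRUSTED_DOMAINS and lookalike in TRUSTED_DOMAINS:
        reasons.append(f"{target} is a look-alike of {lookalike}")

    # 3. Trusted brand used as a subdomain label of an unrelated domain
    #    ("paypal.com.account-verify.example").
    for brand in TRUSTED_DOMAINS:
        if target != brand and brand.split(".")[0] in host.split("."):
            reasons.append(f"{brand} appears as a subdomain of {target}")
    return reasons


def scan_html(html):
    """Run analyze_link over every anchor in the body."""
    extractor = AnchorExtractor()
    extractor.feed(html)
    return [(href, analyze_link(href, text)) for href, text in extractor.links]


# Constructed sample body: two malicious links and one genuine one.
SAMPLE_HTML = """
<p>Your account is limited. <a href="http://paypa1.com/login">Log in to PayPal</a></p>
<p>Or verify at <a href="https://paypal.com.account-verify.example/">https://www.paypal.com/</a></p>
<p>Questions? Visit the <a href="https://www.paypal.com/help">help centre</a>.</p>
"""

if __name__ == "__main__":
    for href, reasons in scan_html(SAMPLE_HTML):
        print(href, "->", "; ".join(reasons) if reasons else "ok")
```

The decisive comparison is always on the registrable domain of the href, never on the anchor text or on the leftmost label, because the attacker controls both of those; the public suffix list should replace the two-label shortcut before this is used on real mail.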
What Does A Phishing Email Look Like?
One of the reasons phishing emails are so sinister — and unfortunately often successful — is that they’re crafted to look legitimate. Generally, the following features are common among phishing emails and should raise red flags:
- Attachments or links
- Spelling errors
- Poor grammar
- Unprofessional graphics
- Unnecessary urgency about verifying your email address or other personal information immediately
- Generic greetings like “Dear Customer” instead of your name.
Attackers often rush to get phishing sites up, so some will look noticeably different from the original company’s site. These traits help you pick a malicious email out of your inbox.
Still, it’s not always clear what steps to take when you receive a phishing email that has skirted around your spam folder.
Tips For Handling Known Phishing Emails
Being vigilant about spotting phishing emails is key. If you’ve come across one in your inbox (that hasn’t been auto filtered into spam), use these strategies to avoid becoming a victim of a phishing attack.
- Delete the email without opening it. Most malware activates only when you open an attachment or click a link within an email. But some email clients allow scripting or load remote content when an HTML message is displayed, which makes it possible to be infected, or at least to confirm to the sender that your address is live, simply by opening the message. It is best not to open suspicious messages at all.
- Manually block the sender. If your email client allows you to block senders, do so: note the sender’s email domain and add the sender to a blocked list. This is especially helpful if you share the mailbox with anyone in your family, who might stumble across a legitimate-looking email that escaped the spam folder and act on it. Bear in mind that a From address is easily forged, so blocking one address stops only messages from that exact address.
- Add an extra line of defense. You can never be too safe: consider antivirus software that scans incoming mail and attachments.
Just remember, the best way to handle a phishing email is to block or delete it immediately. Any additional steps you take to limit your exposure to these attacks are a bonus.
Beyond spotting the email and removing it, a few extra tips will help you guard yourself.
How To Spot A Phishing Scam (And Stop It In Its Tracks)
Phishing scams are effective because they are very convincing, from brand logos and official language to knowledge of personal details about you. So the first step in handling a phishing scam is knowing how to spot one:
- The sender name is vague, or the sender’s email address is long and does not match the name
- The email’s subject line is attention-grabbing or creating alarm
- The email urges immediate action of some kind
- An offer of a major discount is dangled
- The email is seeking your personal information, including credentials
- The email urges you to click hyperlinked text without clarifying where you are clicking
Once you’ve identified a scam email, there are steps you can follow to protect yourself and others. Key tips for protecting yourself:
- Don’t open any attachments, which can install harmful malware.
- Don’t click on any links, especially if the email urges you to go to a website and provide any information.
- Don’t reply to the suspicious email or use a phone number or other contact information in the email.
- Look closely at the sender’s email address and any web addresses in the email for deviations from the official name of the business or sender.
- If a message to your personal email claims a business is urgently trying to reach you, call or contact the business using contact details you look up yourself, online or on an old bill. Do not use any contact information provided in the suspicious email.
- Enable two-factor authentication on your email account, and consider changing your email password and any other passwords you may have entered.
Once you’ve identified a phishing email, it’s important to report it to the proper authorities, to protect not only yourself but everyone else from falling victim unknowingly:
- Your personal email platform often allows you to report phishing emails. In Gmail, there is a drop-down menu next to the reply button with that option.
- If you already replied to a suspicious email, opened an attachment, clicked a link, or provided personal information, tell your company’s IT team, especially if the message arrived in your work account. They may want you to forward them the email, but ask first; many teams prefer the original message forwarded as an attachment so that its headers are preserved.
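The following Python script is an added example, not code from the original page, showing how to check the sender details the lists above tell you to scrutinize: the display name against the real From domain, Reply-To and Return-Path steering traffic to a different domain, and the SPF, DKIM and DMARC verdicts that the receiving mail server records in the Authentication-Results header (RFC 8601). The brand table and the three raw messages are constructed for the example.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Assumption: brands users trust, and the domain each one really sends from.
BRAND_DOMAINS = {"paypal": "paypal.com", "example bank": "example-bank.com"}


def domain_of(address):
    """Domain part of an email address, lower-cased ('' if there is none)."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def analyze_headers(raw_bytes):
    """Return the reasons the sender of a raw message looks suspicious."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    display, from_addr = parseaddr(str(msg.get("From", "")))
    from_dom = domain_of(from_addr)

    # 1. Display name invokes a brand, but the address is not under that brand's domain.
    for brand, legit in BRAND_DOMAINS.items():
        if brand in display.lower() and from_dom != legit and not from_dom.endswith("." + legit):
            reasons.append(f"display name '{display}' claims {brand} but sender domain is {from_dom}")

    # 2. Replies are steered to a different domain than the one the mail claims to come from.
    reply_dom = domain_of(parseaddr(str(msg.get("Reply-To", "")))[1])
    if reply_dom and reply_dom != from_dom:
        reasons.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")

    # 3. Envelope sender (bounce address) lives elsewhere: typical of a forged From.
    return_dom = domain_of(parseaddr(str(msg.get("Return-Path", "")))[1])
    if return_dom and return_dom != from_dom:
        reasons.append(f"Return-Path domain {return_dom} differs from From domain {from_dom}")

    # 4. Authentication results stamped by the receiving server (RFC 8601).
    auth = str(msg.get("Authentication-Results", ""))
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1) != "pass":
            reasons.append(f"{mech}={m.group(1)}")
    return reasons


# Constructed samples. 1: forged From with failing DMARC; 2: look-alike domain the
# attacker owns, so every authentication check passes; 3: genuine mail.
SPOOFED_FROM = b"""\
Return-Path: <bounce@mailer-7.example.org>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=mailer-7.example.org; dkim=none; dmarc=fail header.from=paypal.com
From: "PayPal" <service@paypal.com>
Reply-To: <support-desk@example-attacker.org>
To: victim@example.net
Subject: Your account has been limited

Click the link below within 24 hours to restore access.
"""

LOOKALIKE_DOMAIN = b"""\
Return-Path: <service@paypal-com.example.org>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=paypal-com.example.org; dkim=pass header.d=paypal-com.example.org; dmarc=pass header.from=paypal-com.example.org
From: "PayPal Service" <service@paypal-com.example.org>
To: victim@example.net
Subject: Confirm your details

Please confirm your card details.
"""

GENUINE = b"""\
Return-Path: <service@paypal.com>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=paypal.com; dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
From: "PayPal" <service@paypal.com>
To: victim@example.net
Subject: Your monthly statement

Your statement is ready in your account.
"""

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_FROM), ("look-alike", LOOKALIKE_DOMAIN), ("genuine", GENUINE)):
        print(label, "->", analyze_headers(raw) or "no findings")
```

The look-alike sample is the important one: SPF, DKIM and DMARC all pass because the attacker registered paypal-com.example.org and configured it correctly, so authentication results prove only that the mail came from the domain it names, never that the display name is telling the truth.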
Avoiding Phishing Attacks
- Social Responses: Training people to recognize phishing attempts and deal with them. Education can be effective, especially where training emphasizes conceptual knowledge rather than rote rules.
- Browser Alerts: Maintain a list of known phishing sites and check visited URLs against it. One such service is Google Safe Browsing, which Chrome and other browsers consult.
- Eliminating Phishing Mail: Specialized spam filters that reduce the number of phishing emails reaching inboxes, or provide post-delivery remediation, analyzing and removing phishing messages after delivery through integration at the email-provider level. Sender authentication (SPF, DKIM and DMARC) complements filtering by letting the receiving server reject mail that forges a domain’s From address.
- Monitoring and Takedown: Round-the-clock services to monitor, analyze and assist in shutting down phishing websites.
- Transaction Verification and Signing: Using a mobile phone or an alternate email address as a separate channel to authenticate and authorize sensitive interactions (such as financial transactions), so that a phished password alone is not enough to complete them.
How To Recognize And Avoid A Phishing Email
- Spotting a phishing email comes down to pointing out anything inconsistent or unusual.
- Sometimes it’s difficult to tell what’s genuine from what’s a phishing attempt. First, slow down before opening any links or attachments, or sending a reply.
- Here’s an example of how you should react, if you receive a suspect email:
- You receive an email politely requesting a donation for victims of the most recent hurricane to make landfall. The sender’s address reads “email@example.com” and, though the organization could be legitimate, you haven’t heard of it.
- Usually, your spam folder shields you from these kinds of emails, but for some reason this one is sitting at the top of your inbox.
- You are computer savvy, and you’re not taking chances with any email from an organization that’s asking for personal and financial information, especially when you didn’t request it and can’t verify the sender’s identity.
- By taking a pause, instead of taking immediate action, you’ve taken an important step to protect yourself. However, you’ve still got to determine if this is legitimate or a scam.
- Now you need to know exactly what to look for in a phishing email to make a decision.
How To Prevent Becoming A Victim Of A Phishing Scam
A recent survey revealed that more than half of respondents (52%) had been targeted by a scam, mostly in a personal context. Think about that: scammers are hard at work, hitting every other household with an increasingly diverse array of schemes. Also consider this: nearly half of those targeted (47%) did not report the incident.
If you encounter a scam, report it. If you’ve lost money, the authorities may be able to help you recover it, and your report helps ensure that others at your company or in your neighborhood are not targeted next. Here are some steps to follow if a scammer comes your way.
Phishing attempts come in a variety of forms. Based on the survey results, the largest number of encounters came through email (53%), where a malicious link or attachment arrives in a message that looks like it is from a legitimate organization. Phone phishing (23%), phishing websites (20%) and text message scams (18%), where a phony organization often claims the recipient has won a prize, are popular as well.
Email Security Solution
Email Security with AVAS (antivirus/anti-spam) provides secure email gateway (SEG) functionality that stops inbound and outbound email threats with first-hand knowledge of attacks and attackers. The solution blocks malware, phishing URLs, impersonation techniques, and spam, leaving attackers no chance to take advantage of users. The solution can help:
- Reduce risk by providing full stack protection against advanced and targeted attacks
- Improve insight into the threat landscape by drawing contextual intelligence about attacks and attackers across vectors to block threats.
- Improve employee productivity with in-depth intelligence about attacks and attacker motivations that decreases false positives and spam.
In addition to the expected core SEG capabilities such as antivirus, anti-spam, and signature-based anti-malware, Email Security protects customers with threat intelligence gathered from the frontlines, impersonation protection, advanced threat protection, and custom YARA rules. It also provides the following benefits:
- Offers comprehensive email security against malware, credential-phishing URLs and impersonation techniques as well as anti-spam and antivirus protection with proven capability of detecting corporate email threats in traffic
- Examines emails for threats hidden in password protected files, encrypted attachments and URLs
- Rapidly adapts to the evolving threat landscape from first-hand intelligence and correlation across multiple threat vectors
- Prioritizes and contains threats by providing contextual insights for alerts
- Integrates with Office 365, G Suite, Microsoft Exchange, etc.
- Supports any deployment model including cloud, appliance, and virtual form factors
This post was written by Prime Research Team