Phishing attacks continue to grow in sophistication and frequency. Cyber criminals are getting more successful in their malicious attempts. Phishing, including
Most cyberattacks start with phishing
Did you know that 91% of cyber attacks start with a phishing email? Phishing protection firm Cofense conducted a study on phishing attacks among 23 industries around the globe. They wanted to find the state of the phishing trade. They sent millions of simulated phishing emails to millions of employees. These are the findings:
- 87% of employees opened the simulated phishing emails on the same day they received them.
- Most employees opened their emails in the morning.
- 67% of employees are likely to open another phishing email.
- To be effective, most phishing emails contain a business communication theme.
- Behavioral conditioning or phishing training can decrease employees’ vulnerability to malicious emails.
The study reveals that unstable emotions are a major cause of employee vulnerability to phishing. Employees should be the guardians of the company's security system. Yet they can also be potential vectors for phishing.
The study concludes that education and training can reduce phishing susceptibility. These programs can also improve employee attitude and enhance detection rates.
What are spear phishing attacks?
Here’s a simple
Phishing vs. spear phishing vs. whaling
There’s a thin line between phishing,
In much the same way, phishing is the casting of a wide net of emails to broad and random targets. It involves the mass distribution of emails without targeting individual victims.
The main aim of phishing is to harvest personal information like login credentials. Phishing works by baiting recipients into clicking a malicious link or file. The link may lead to a sham website impersonating a well-known brand, such as Apple, Microsoft, Google, Amazon, or another popular brand.
A phisher can send you an email prompting you to log in to your bank account to update your credentials. If you're not vigilant enough, chances are you will respond and click on the supplied link. This will redirect you to a hacker's fake website that looks and feels like your bank's website. At the fake website, the hacker can steal your login and other sensitive information. He or she can use your information for nefarious activities or sell it on the dark web.
Spear phishing has the same goal as phishing. But it aims for specific targets from whom spear phishers want something in particular. Before they send the emails, spear phishers do a background check on you and pretend to know you.
They use social engineering to manipulate you into sharing confidential information. Their emails look like they come from a friend or trusted source. These emails look urgent or work-related. Or they offer a great deal you can't refuse so that you take action as instructed. Remember, spear phishers want something specific from you.
Consider this scenario. A spear phisher goes to LinkedIn and looks for you there. He finds that you are friends with your CEO, Bob Hup, and that you have a new project. You later receive an email request from your CEO, requesting you to wire $50,000 to a contractor for your project.
The email comes from a certain bobhup11@gmail.com account. If you are not paying close attention, you might send the wire transfer. The email comes from a fake gmail account created by the hacker. Take time to check because your boss uses his company email bob-hup@abc.com for work-related messaging.
The above example represents whaling. Also called CEO fraud scams, whaling attacks use social engineering techniques. Whalers apply highly targeted attacks to the mid-tier employees in the company. They tempt them to take action based on the belief a superior or executive requested it. Hackers use social engineering techniques to condition the minds of lower-level officers to obey higher-level executives.
Other forms of spear phishing
Spear phishing comes in different forms, depending on the platform used to execute the attack and who it’s aimed at.
Smishing
Smishing is a form of
Vishing
Vishing is also known as voice phishing. Hackers use
Clone phishing
Clone phishing is an email
Social media phishing
Attackers use social media sites like Facebook, Instagram, and Twitter to launch their
Pharming
Pharming is a form of
Signs of a spear phishing attack
Companies that promote remote work are easy targets of
Inconsistencies in email addresses and domain names
Sometimes, you may receive emails from familiar email addresses. But they look a little off. Try checking against previous communications if the email addresses match. Emails coming from co-workers should contain email addresses with your company’s domain name.
For example, johndoe@gmail.com is a personal email account. johndoe@companydomainname.com is a corporate email account. If the email doesn't come from a business account, take precautions and don't click.
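The consistency check described above can be automated on the mail headers themselves. The following is an added example, not code from the article or from EveryDayCyber: it parses a constructed message in which the display name claims to be the CEO but the address is a free-mail account, and compares the sender domain, the display name and the Reply-To address against an assumed corporate domain (`abc.com`) and an assumed directory entry for Bob Hup.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (hypothetical; mirrors the CEO-fraud scenario in the article).
SAMPLE_EMAIL = """From: Bob Hup <bobhup11@gmail.com>
Reply-To: bobhup11@gmail.com
To: employee@abc.com
Subject: Urgent wire for the new project

Please wire $50,000 to the contractor today.
"""

CORPORATE_DOMAIN = "abc.com"                       # assumption: the organization's own domain
KNOWN_CONTACTS = {"bob hup": "bob-hup@abc.com"}    # assumption: entry from the company directory


def check_sender(raw_message: str, corporate_domain: str, known_contacts: dict) -> list:
    """Return a list of warning strings for the address headers of one message.

    Three checks, each a red flag on its own:
      1. the From address is not on the corporate domain;
      2. the display name matches a known contact but the address does not;
      3. Reply-To points somewhere other than the From address.
    """
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    warnings = []

    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    if domain != corporate_domain.lower():
        warnings.append(f"sender domain '{domain}' is not the corporate domain '{corporate_domain}'")

    expected = known_contacts.get(display_name.strip().lower())
    if expected and expected.lower() != address.lower():
        warnings.append(f"display name '{display_name}' is on file as {expected}, not {address}")

    if reply_to and reply_to.lower() != address.lower():
        warnings.append(f"Reply-To {reply_to} differs from From {address}")

    return warnings


if __name__ == "__main__":
    for warning in check_sender(SAMPLE_EMAIL, CORPORATE_DOMAIN, KNOWN_CONTACTS):
        print("WARNING:", warning)
```

The display-name check is the one that catches the scenario in the article: the name is right, the mailbox is not. A mail gateway would run the same logic against its own directory rather than a hard-coded dictionary.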
A sense of urgency, persuasion, or threat
Spear phishing attacks contain urgent, persuasive, or threatening messages to convince victims into taking action. Spear phishers will send an urgent request that you need to act on immediately. Or that you are the beneficiary of some form of reward or benefit. Worse, they will warn you of negative consequences if you do not take action on their request.
Unsolicited request
You may receive marketing material you did not request. You may also receive a message that qualifies you for a prize in a raffle you did not join. Suspicious emails with unsolicited requests aim to bait you into downloading malware. They may also be tricks to tempt you into clicking on malicious links that capture your personal information.
Unusual request
Spear phishing messages contain unusual requests. For example, the scope of your work involves accounting and bookkeeping. Suddenly, you receive an email request, apparently from the IT team, to install a program or click a link to patch your PC. This is a red flag and you should not follow the request. Contact the IT team directly to confirm whether they really sent the instructions.
Request for credentials and other personal information
Many
Attachments from unfamiliar sources
Attachments from unfamiliar sources are
Other telltale signs of spear phishing
Other signs you should watch out for to avoid
- Suspicious and unfamiliar messages
- Shortened links, think Bitly
- Copycat URLs that contain very subtle differences from the genuine ones
- Locked accounts
- Increased spam emails
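Two of the telltale signs above, shortened links and copycat URLs with subtle differences, can be checked mechanically. The following is an added example, not code from the article or from EveryDayCyber: it pulls the URLs out of a constructed email body, flags link shorteners (the article names Bitly), and compares each registrable domain against the brand domains the article mentions, after undoing common look-alike substitutions such as `1` for `l` and `rn` for `m`. The brand list, the shortener list and the sample body are assumptions for the demonstration; the registrable-domain helper is deliberately crude (last two labels) and does not understand multi-part public suffixes such as `co.uk`.

```python
import re
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}                 # assumption: a small allowlist of known shorteners
BRAND_DOMAINS = {"apple.com", "microsoft.com", "google.com", "amazon.com"}  # brands named in the article

# Characters commonly swapped for letters they resemble (constructed mapping, not exhaustive).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"})

# Constructed sample body: one look-alike, one shortener, one genuine brand host, one brand-as-subdomain trick.
SAMPLE_BODY = """Your account is locked. Verify at https://app1e.com/verify now,
or use the short link https://bit.ly/3xYzAbC. Legitimate help: https://support.microsoft.com/
Also: https://amazon.com.order-check.net/login"""


def registrable(host: str) -> str:
    """Last two DNS labels, e.g. 'support.microsoft.com' -> 'microsoft.com' (crude; see lead-in)."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance, used to catch one-character typos of a brand name."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url: str) -> str:
    host = (urlparse(url).hostname or "").lower()
    reg = registrable(host)
    if reg in SHORTENERS:
        return "shortened"
    if reg in BRAND_DOMAINS:
        return "known-brand"
    # Undo look-alike substitutions before comparing the second-level label to each brand.
    label = reg.translate(HOMOGLYPHS).replace("rn", "m").split(".")[0]
    for brand in BRAND_DOMAINS:
        brand_label = brand.split(".")[0]
        if label == brand_label or 0 < edit_distance(label, brand_label) <= 1:
            return f"lookalike of {brand}"
        if host.startswith(brand + "."):      # brand.com used as a subdomain of another site
            return f"lookalike of {brand}"
    return "unrecognized"


def scan_body(text: str) -> dict:
    """Map every http(s) URL found in the text to its classification."""
    urls = re.findall(r"https?://[^\s<>\"')]+", text)
    return {u.rstrip(".,;"): classify_url(u.rstrip(".,;")) for u in urls}


if __name__ == "__main__":
    for url, verdict in scan_body(SAMPLE_BODY).items():
        print(f"{verdict:28} {url}")
```

A shortened link is not malicious by itself; the point is that the destination is hidden, so the classifier flags it for expansion in a sandbox rather than for blocking. The edit-distance threshold of one is intentionally tight: raising it produces many false matches on short brand names.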
How to prevent falling victim to spear phishing emails
For most organizations, email is the most important channel of communication. But it is also the most common attack vector for phishing. You can avoid
Analyze your team’s email activity
Email has become an integral part of most organizational setups. Employees spend hours using it. How many work-related emails do they process every day? And how many personal email threads do they send and receive every day? What types of company websites do they connect to? Are they safe or do they pose a threat?
You should analyze your team’s email activity to get an idea of how safe or risky your company is to
Encourage the use of strong email passwords
Most cyber criminals are good at guessing passwords. They use social engineering approaches to get them. A strong password uses a mix of uppercase letters, lowercase letters, and symbols. Also, the longer a password is, the stronger it is. Each new character in the chain multiplies the number of guesses a hacker has to make. It is also important to make sure that you are not using common sequences like "123456" or "wxyz".
Do not use a single password for all your email accounts
Spear phishing attackers want your sensitive data. Using a single password for all your email accounts is risky. If a hacker can crack this single password, he or she may attempt to try it on your other email accounts. This can lead to compromising all your other accounts.
Change your email password regularly
Change your password as often as possible to make it hard for hackers to crack it and steal your sensitive data. After a password leak or data breach, change your password immediately. This way, hackers cannot access your account even if they have stolen the old password.
Never share your email password
Sharing your password even with friends or coworkers is not a good idea. And no reputable email company will ask for it directly. If they do, it is most certainly a scam.
Choose the devices and security software you use
Some companies issue devices with built-in
Use two-factor authentication
Two-factor authentication offers an added layer of protection. It involves at least two authentication factors before you can access your account. It includes your password and a one-time passcode sent to your email or
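The "one-time passcode sent to your email or phone" half of the scheme above is only as good as the server side that issues and checks it. The following is an added example, not code from the article or from EveryDayCyber, showing the verifier side in the shape a practitioner would want: the code is random, stored only as a hash, expires after five minutes, is single-use, and is checked with a constant-time comparison after a bounded number of attempts. The in-memory store and the injectable clock are assumptions for the demonstration; a deployment would persist the entries and deliver the code over the second channel.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300   # assumption: codes are valid for five minutes
MAX_ATTEMPTS = 5        # assumption: lockout after five wrong guesses


class OtpStore:
    """Pending one-time codes keyed by user id (in-memory; a real system would use a database)."""

    def __init__(self, clock=time.time):
        self.clock = clock                # injectable so expiry can be tested deterministically
        self.pending = {}                 # user -> (code_hash, expires_at, attempts)

    def issue(self, user: str) -> str:
        """Generate a six-digit code, keep only its hash, and return the code for delivery."""
        code = f"{secrets.randbelow(10 ** 6):06d}"
        code_hash = hashlib.sha256(code.encode()).digest()
        self.pending[user] = (code_hash, self.clock() + OTP_TTL_SECONDS, 0)
        return code

    def verify(self, user: str, submitted: str) -> tuple:
        """Return (ok, reason). A successful or exhausted code is removed so it cannot be reused."""
        entry = self.pending.get(user)
        if entry is None:
            return False, "no pending code"
        code_hash, expires_at, attempts = entry
        if self.clock() > expires_at:
            del self.pending[user]
            return False, "expired"
        if attempts >= MAX_ATTEMPTS:
            del self.pending[user]
            return False, "too many attempts"
        submitted_hash = hashlib.sha256(submitted.encode()).digest()
        if hmac.compare_digest(submitted_hash, code_hash):   # constant-time comparison
            del self.pending[user]                           # single use
            return True, "ok"
        self.pending[user] = (code_hash, expires_at, attempts + 1)
        return False, "wrong code"


if __name__ == "__main__":
    store = OtpStore()
    code = store.issue("alice")
    print("deliver to second channel:", code)
    print(store.verify("alice", "000000"))
    print(store.verify("alice", code))
    print(store.verify("alice", code))   # already consumed
```

Note what the password still contributes: the OTP check runs only after the password has been verified, so an attacker who phished the password still needs access to the second channel within the validity window, and has five guesses at a million-way code.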
What to do after responding to a spear phishing email
In
Change credentials immediately
Hackers often use malware as a means to harvest personal information. This may include usernames and passwords. Immediately change your credentials. Give special attention to your personal and financial accounts. In other words, change passwords for all your online accounts.
Report the phishing incident to the IT security team
Report the incident to the IT
Circulate fraud alerts
If a phishing attack compromised your bank account, contact your bank as soon as possible. Ask them to put an alert on your bank account. If your credit cards are compromised, inform your credit card companies. Let the major credit bureaus know what happened so they can set up alerts on your credit as well.
Back up your files
It is possible that files are not immediately erased after a
Let the IT team investigate the phishing attack
When necessary, the IT team should block the compromised account while they investigate. The investigation should find out the extent of the phishing attack. It should also assess its impact. The IT team must:
- Identify the phishing emails that users responded to
- Look for other possible emails from the same sender
- Determine who else in the organization may have received the same email
- Analyze the malware program introduced into the network
- Pull out the email and clean up the malware from the system
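The first three investigation steps above (identify the reported email, look for other mail from the same sender, determine who else received it) are a search over the mail gateway's delivery log, and the fourth starts from the attachment hashes that search turns up. The following is an added example, not code from the article or from EveryDayCyber: it runs that triage over a handful of constructed log lines in a hypothetical pipe-separated format (`timestamp|sender|recipient|subject|attachment-sha256-or-dash`); the log format, the mailboxes and the `PLACEHOLDER_SHA256_A` hash are assumptions for the demonstration, not real indicators.

```python
# Constructed mail-gateway log (hypothetical format, see lead-in). The sender address is the
# one from the article's CEO-fraud scenario.
LOG_LINES = [
    "2024-05-01T08:02:11Z|bobhup11@gmail.com|alice@abc.com|Urgent wire for the new project|-",
    "2024-05-01T08:02:13Z|bobhup11@gmail.com|carol@abc.com|Urgent wire for the new project|-",
    "2024-05-01T08:05:40Z|invoices@vendor-example.net|alice@abc.com|Invoice 4471|-",
    "2024-05-01T09:15:02Z|bobhup11@gmail.com|dave@abc.com|Re: project budget|PLACEHOLDER_SHA256_A",
    "2024-05-01T09:30:00Z|newsletter@example.org|alice@abc.com|Weekly digest|-",
]


def parse_line(line: str) -> dict:
    """Split one log line into its fields; '-' in the last column means no attachment."""
    ts, sender, rcpt, subject, attachment = line.split("|", 4)
    return {
        "ts": ts,
        "sender": sender.lower(),
        "rcpt": rcpt.lower(),
        "subject": subject,
        "attachment": None if attachment == "-" else attachment,
    }


def triage(lines: list, reported_sender: str, reported_subject: str) -> dict:
    """Starting from the one message a user reported, scope the incident across the log.

    Returns who else got the same message, every other subject the sender used, every
    recipient the sender reached, and the attachment hashes to hand to malware analysis.
    """
    records = [parse_line(line) for line in lines]
    from_sender = [r for r in records if r["sender"] == reported_sender.lower()]
    same_message = [r for r in from_sender if r["subject"] == reported_subject]
    return {
        "recipients_of_same_message": sorted({r["rcpt"] for r in same_message}),
        "other_subjects_from_sender": sorted({r["subject"] for r in from_sender
                                              if r["subject"] != reported_subject}),
        "all_recipients_from_sender": sorted({r["rcpt"] for r in from_sender}),
        "attachment_hashes_from_sender": sorted({r["attachment"] for r in from_sender
                                                 if r["attachment"]}),
    }


if __name__ == "__main__":
    result = triage(LOG_LINES, "bobhup11@gmail.com", "Urgent wire for the new project")
    for key, value in result.items():
        print(f"{key}: {value}")
```

Searching by sender alone misses campaigns that rotate addresses; in practice the same query is repeated on the subject, the sending IP and the attachment hash, and the union of recipients becomes the list of mailboxes to purge and users to contact.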
Examine accounts regularly
Accounts that have been “phished” before are especially vulnerable to future phishing attacks. So check for suspicious activities to avoid falling victim to future phishing attempts.
Educate and train the workforce
User education is key to a secure workforce. The training should include common
IT should put in place email
- Email filtering
- Spam filters
- Sandboxing
- Browser isolation
- Machine learning tools
Takeaway
Finally, “phishers” are becoming stealthier. They now use more sophisticated methods to achieve their goals. But there are also other ways companies can protect their networks. They must develop future phishing strategies and
Again, the human factor is a precarious link in the phishing cycle. Employees should know and understand the phishing risks they may face. More importantly, they should know how to address them. An informed workforce and protected system are key to a secure company network.