How to Recognize Common Phishing Attacks

Portage, Michigan | May 02, 2018
Updated: February 21, 2020

What is Phishing?

Phishing, not to be confused with the outdoor activity fishing, is a cybercrime that targets people by email, phone call, or text message while masquerading as someone else.

Hackers pretend to be someone the target is familiar with to gain sensitive information like passwords, credit card numbers, or personal ID information.

The phishers then use this information to access personal accounts, resulting in identity theft and financial losses.

How to Recognize a Phishing Email:

  • IT'S TOO GOOD TO BE TRUE! – If you open an email telling you that you’ve won some expensive prize, like an iPhone, or a large cash prize, that’s automatically a red flag. Phishing emails will use attention-grabbing sentences like these, so you open them because you’ve “won” something great. Don’t fall for it!


  • IMMEDIATE ATTENTION – It’s common for these emails to make you act fast on a deal they are offering. Of course, the deal is only a limited time offer and you shouldn’t pass it up, right? Wrong! Avoid these offers by ignoring the email.


  • HYPERLINKS – When you hover over a link, you will see the actual URL you will be sent to after clicking it. Pay attention: if there are any misspellings in that URL, this is not a safe or legitimate hyperlink.


  • ATTACHMENTS – If you open an email to see an attachment you weren’t expecting, don’t open it. Those attachments often contain ransomware or other viruses. The only safe file type to open is a .txt file.


  • ABNORMAL SENDER – Whether the sender seems like someone you know or don’t know, if something seems unusual about it, leave it alone and don’t even click on it!
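The hover-and-inspect advice above, automated as an added example (this is not code from the original post): it pulls every link out of an HTML email body and flags links that are not HTTPS, whose visible text names a different domain than the real destination, or whose domain is a near-miss spelling of a trusted brand. The trusted-domain list and the sample email are constructed assumptions for the demo.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
from difflib import SequenceMatcher

# Hypothetical allowlist of brands the reader expects mail from (not from the post).
TRUSTED_DOMAINS = {"paypal.com", "dropbox.com", "google.com"}
# Constructed sample email body for the demo, not a real message.
SAMPLE_EMAIL = """<p>Your password expired. Reset it NOW or lose your account FOREVER.</p>
<a href="http://paypa1.com/reset">www.paypal.com</a>
<a href="https://www.paypal.com/help">Help Center</a>"""

class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs from an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def registrable(host):  # crude "last two labels": www.paypal.com -> paypal.com
    return ".".join(host.lower().split(".")[-2:])

def check_link(text, href):
    """Return the red flags for one link; an empty list means nothing odd."""
    flags, url = [], urlparse(href)
    dom = registrable(url.hostname or "")
    if url.scheme != "https":
        flags.append("not HTTPS")
    # Visible text that names a domain other than the real destination.
    shown = text.lower().split("://")[-1].split("/")[0]
    if "." in shown and " " not in shown and registrable(shown) != dom:
        flags.append(f"text says {registrable(shown)}, link goes to {dom}")
    # Near-miss spelling of a trusted brand domain, e.g. paypa1.com.
    for good in TRUSTED_DOMAINS:
        if dom != good and SequenceMatcher(None, dom, good).ratio() >= 0.8:
            flags.append(f"{dom} looks like {good}")
    return flags

def scan_email(html):
    """Return {href: flags} for every link in the body that raised a flag."""
    parser = LinkCollector()
    parser.feed(html)
    return {h: f for t, h in parser.links if (f := check_link(t, h))}
```

Running scan_email(SAMPLE_EMAIL) reports only the first link, with all three flags; the genuine Help Center link is left out.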


6 Common Phishing Attacks:

1. DECEPTIVE PHISHING

This is the most common type of phishing out there.

Deceptive Phishing refers to an attack where the target (you) receives an email that appears to come from a company you are all too familiar with.

You are asked to enter some sensitive information such as a login password.

From there, that information is delivered straight to the cyber attackers.

Deceptive Phishing is just that, deceptive.

When an email has a sense of urgency to its message, usually having to do with the account in question, the target is deceived into thinking they need to act fast and follow the instructions.

Deceptive Phishing only succeeds when the attack email closely resembles a legitimate company’s official appearance and tone.

These emails are rarely perfect, and the recipient can look for discrepancies in the grammar, spelling, and the URL address.

For example, “PayPal” sends you an email saying your password expired and you need to reset it NOW or else your account information will be lost FOREVER.

Sounds fishy, right?

The fraudster is creating a huge sense of urgency that is highly unprofessional, especially from a large company like PayPal.


How to avoid this:

Look out for generic greetings or requests for information that the company should have already known.

Don’t trust an email that wants you to act immediately and threatens you if you don’t take immediate action.


2. SPEAR PHISHING

This type of phishing is a more sophisticated attack because, unlike deceptive phishing, spear phishing uses heavy personalization to lure targets.

A spear phishing email will often include the target’s name, company, work phone number, etc. in order to trick the target into thinking they can trust the sender.

The goal is the same as deceptive phishing: to get the target to click on dangerous URL links or attachments and enter personal information.

Spear phishing is common on social media platforms, such as LinkedIn, where attackers are able to obtain multiple sources of a target’s information to design a personalized email.

Phishing accounts for 90% of data breaches.
— Retruster


How to avoid this:

Look out for typos and threats.

Conducting employee security awareness training will help educate staff on what to look out for.

This will not only help protect them individually but your company as a whole.

Remember, all it takes is one person clicking on a bad link for a whole network to become infected.

You can also invest in software that automatically checks emails for malicious links or attachments.

The software should be capable of picking up indicators for both known malware and zero-day threats.

3. CEO FRAUD

This type of phishing is often partnered with spear phishing.

While spear phishing targets anyone in a company, CEO Fraud is the second phase.

Attackers will impersonate an executive and abuse their email to authorize illicit wire transfers to a financial institution.

These are also called “Whaling” attacks because they target the higher-ups in a company to steal their information.

These types of attacks work because executives don’t often participate in employee security awareness training.

30% of phishing emails bypass default security measures.
— Avanan


How to avoid this:

Verify unusual requests with your boss directly before acting on anything in the email.

Amend financial policies in the company so that no one can authorize a transaction through an email.

Lastly, ensure that executives undergo security awareness training along with employees.

Another way to prevent this is by deploying two-factor authentication.

This adds an extra layer of protection on all logins, so users logging in will have to verify it’s them through an app, call, key, etc.

4. PHARMING

This is a different type of phishing than the others because it does not follow the tradition of baiting targets through emails.

Instead, Pharming abuses the process that converts website names into numerical IP addresses in order to locate computer services and devices.

The Internet uses DNS (the Domain Name System) to convert a website name to its IP address.

After compromising the DNS server, the pharmer changes the stored IP address so that the target is redirected to a malicious website, even though the target entered the right website name.


How to avoid this:

Encourage employees to enter login information only on HTTPS-protected sites.

Installing anti-virus software and issuing security upgrades on a regular basis is important.

Check the URL of any site that is asking for data and make sure it presents a security certificate.


5. DROPBOX PHISHING

This type of phishing is a more specialized attack that targets an individual company or service.

Dropbox Phishing uses realistic-looking emails that claim to originate from Dropbox, a commonly used file-sharing platform.

The email will request the user to secure their account or to download a shared document, using a fake Dropbox login page hosted on Dropbox.

When this phishing is successful, and the target has entered their information, malware will be installed on their computer.


How to avoid this:

Consider implementing two-factor authentication on your Dropbox account.

6. GOOGLE DOCS PHISHING

This type of phishing is similar to Dropbox Phishing in the sense that it uses a particular platform and mimics it to attack users.

Google Docs Phishing sends users an invitation to view a document. The link leads to a landing page that is, in fact, hosted on Google Drive, so it appears to be the real deal until the target enters their information, which is then sent straight to the scammers.

Google Drive supports documents, files, photos, and even websites, which phishers are able to use to create a site that exactly imitates the Google account login screen.


How to avoid this:

Just like the Dropbox Phishing solution, implementing a 2FA (two-factor authentication) will help to protect the user against this type of attack.

Also, examine the page for errors and check which service you are actually signing in to.

Security | Madison Bronkan