How does it work?
Usually, phishing attacks manifest by sending to the targeted person (regular employees or management team), spoof emails carrying hacked links. Here, cybercriminals steal the private information entered by the user in the spoofed website. Users must stay alert to prevent attacks and avoid being the victims of different thefts such as unauthorized purchases or stealing funds.
Phishing is characterized as a delivery mechanism for different malware that usually targets organizations. Usually, the malware arrives as a link or attachment in an email, pretending to be from a well-known person or company to trick you.
Some of the most common phishing attacks come from spam emails, which you need to be aware of. Such faked emails include links (URLs) to websites under attackers’ control that are modified to look like legitimate mail, implementing a fake URL that directs the user to visit the fake (spoof) website where the attacker can steal the most sensitive information.
Therefore, once the host has entered the spoofed link, phishing aims to inject malware into the user’s private system, helping the attacker to steal the private information from the system without the knowledge of the user. Such injected malware are viruses known as Ransomware, Trojan horse; Worm; Spyware.
The system which is infected with malware is termed as zombie and such zombie is used to launch criminal activities.
a. Attacker sends an email with a spoofed website to the legitimate host
b. Host without knowing it is a phishing attempt, just click the URL in the mail and visit the fake website
c. Once the host enters the credentials (in the spoofed website), the attacker now can steal that sensitive information
d. The attacker uses the credentials of the host on the original website and steals the employee’ identity
Real-life situations
Two examples of Email Phishing attacks that happen in corporations
Corporate emails
An employee receives an e-mail from the executive director of his company, asking him to buy electronic gift cards for a customer appreciation event. The request is urgent, so she buys these gift cards online and sends the numbers to the CEO. A few weeks later, the employee discovered that the executive director had not made this request.
Cloud email or fake web-links
An employee receives an email with a link to a secure document. He enters his credentials to view the document, but the document does not load. Then the employee moves on to another task and forgets about the error. The employee provided the username and password to the hackers, who can now use it to access his/her email and other online accounts, including the systems and data used by the company.
If you suspect any phishing attack do not hesitate to contact our qualified technicians.
For more information please contact us at solutions@risksoft.ro
How to protect your business?
Let’s recap. What you should be aware of?
A good practice is to always delete the messages and emails that are unwelcome and with whom the victim has no real connection. For those who fall into this category, it is recommended to ask the opinion of a qualified person about how to proceed next.
1
Avoid hacked attachments
Never open attachments you don’t seem right and be careful when accessing emails, even if they appear to come from well-known sources, such as colleagues or business partners.
Phishing emails are often having information that asks the users to enter sensitive information or urge them to click attachments. Before entering any attachment, first, check the sender’s email address (not the displayed name).
2
Avoid hacked links
Usually, spoofed emails come with URLs that redirect the victim to harmful websites. Only download software or files from trusted sites otherwise you risk infecting your system with malware. If you get a warning of a potential threat, close the tab.
3
Avoid activating the ”Enable Content” button
Avoid activating the ”Enable Content” option when comes to Microsoft Office documents received from untrusted e-mails and websites.
4
Avoid writing your credential
Avoid clicking on the action buttons such as “Verify YOUR ACCOUNT”. Such links may lead to a webpage that looks identical to the real webpage, but which is controlled by the attacker. On this page, the user is prompted to log in. Finally, any captured usernames and login credentials are sent to the phisher.
5
Avoid harmful advertisements
Avoid clicking on URL links; Messaging applications, and Advertisements received by email.
6
Junk emails
Avoid clicking on junk emails from the junk folder of your email. These are usually spam emails that have been automatically redirected to the junk folder for your and your company safety.
