The eyes of the Cyber attacker are primarily upon the theft of the personal and confidential data of an individual. This includes credit card information, social security numbers, bank and checking account information, etc.
One of the most widely used and covert ways in which to extract this sort of data is known as “Phishing”. It can be specifically defined as follows:
“It is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as . . . banking and credit card details and passwords”.
So, as one can see from the definition, there are numerous ways in which the Cyber attacker can launch a Phishing threat. But, E-Mail is still the most widely used mechanism. Therefore, you the business owner must be on the constant vigilance of what the telltale signs of a Phishing E-Mail are. These include the following:
The content of the E-Mail message has poor spelling or grammar:
Phishing E-Mails often contain misspelled words or even extra digits in the telephone number in the signatory component of the message. At first glance, these can be very difficult to find, but after a second or third look, they can be spotted. For instance, a phony message would contain the salutary line of “Dear eBay Costumer” instead of “Dear eBay Customer”. Also, look in the subject line as well for any misspellings. Most e-mail applications are good in catching this, but some still fall through the cracks and make their way into your inbox.
The hyperlinked URL is different than the one that is presented:
Most Phishing E-Mail messages contain the name of a legitimate organization, but with a phony URL that is hyperlinked to it. For example, you could get what looks like a legitimate E-Mail message from PayPal, and towards the end of the message, it will say something like:
“Check your PayPal account here.”
Obviously, the name looks authentic enough, but instead of taking you to www.paypal.com, the hyperlink displays a different URL (hover over it to see it).
Pay particularly close attention to shortened links, especially on social media. Cybercriminals often use to trick you into thinking you are clicking a legitimate link, when in fact you’re being inadvertently directed to a fake site. You can move your mouse over a web link in an email to see if you’re actually being sent to the right website to verify that the URL is the same as you expected.
The E-Mail message has a sense of urgency to it:
The content of a Phishing E-Mail will often have a strong sense of action to take. For example, it may say that your PayPal account has been closed, put on hold, or that there is even some sort of fraudulent activity that has occurred on it. In these instances, there will also be a link to take you to your account, but once again, it will be a phony one.
It asks you to make a donation:
In the face of a natural disaster, human emotions have taken a toll, and this is the time when most people usually let their guard down. The harsh reality of this is that a stealthy Cyber attacker will take full advantage of this situation, and even send out phony E-Mails asking you to donate money to help a certain humanitarian agency, such as the Red Cross. But in the end, this money will only end up in the pockets of the Cyber attacker, or some other illegitimate organization.
It will contain a suspicious attachment:
Most legitimate business entities or even individuals will not send you an attachment unless you have specifically requested one. Sometimes, Phishing E-Mails will contain an attachment, which will very often be in a .DOC or .XLS file extension. It will look like that these attachments are coming from somebody you know. These attachments contain a malware or a spyware executable program which will launch onto your computer or wireless device once they are downloaded and opened.
Solutions such as TXSandbox are used by email providers or corporate users to dynamically scan and safely detonate executable content that is attached to emails or URL links. This is especially valuable when the content has been recently been updated and where AV signatures may not be robust enough to detect the newly modified object.
Protection and Recommendations
Never click on links in an email to a website unless you are absolutely sure that it is authentic. If you have any doubt, you should open a new browser window and type the URL directly into the address bar.
Be wary of emails asking for confidential information – especially if it asks for personal details or banking information. Legitimate organizations, including and especially your bank, will never request sensitive information via email.
You should always use a secure website (indicated by https:// and a security “lock” icon in the browser’s address bar) to browse and when submitting sensitive information online, such as credit card details. Many modern web browsers label sites that do not offer appropriate protection.
Use advanced endpoint security protection such as TXShield as this will protect you from malicious files that can be downloaded from email attachments or embedded URL links.
Our next blog will examine a new variant – Spear Phishing.