Phishing campaigns come in many different shapes and sizes. Some are obvious and indiscriminate, luring only the most naive of victims (like a phish from that "long-lost uncle" who just needs your routing number to give you $100,000), while other are more sophisticated (like those from an "executive" with a big bank account or key holders to confidential company documents). To help you better understand what phishing is and who “phishers” are after, we’ve answered some common questions about phishing, how to identify it, and how to prevent it.
What are the most common phishing schemes?
There is no one phishing scheme, but all phishers try to make themselves, their emails or their malicious websites look as legitimate as possible. That long-lost uncle we talked about earlier? He doesn’t sound so legitimate--unless you have incredibly good luck, and, even then, you’d think your uncle would want to meet you first. Other schemes are much more sophisticated, involving the downloading of company logos and using company color schemes/images in their emails. The point is, all phishing schemes are intended to convince someone that they are from someone or some entity that that person should entrust with their private information.
What are the different types of phishing?
- Spear phishing: This type of phishing targets specific individuals, companies and organizations to gather personal information. It is a fairly successful method, accounting for more than 90 percent of attacks. Spear phishing is still very broad, as each hacker is going to have a different targeted audience. However, just because this type of phishing is broad does not mean that it is not convincing. Some refined phishing campaigns take users to websites that are consistent with the company’s branding guidelines, complete with a link to report phishing attempts.
- Clone phishing: This one is sneaky. Clone phishers replace legitimate, previously delivered email content with malicious content and attachments. They often get away with it by claiming that they are sending an updated version of the previous email. It’s not uncommon for hackers to get access to the previous legitimate email via malware that has already been downloaded.
- Whaling: Just what it sounds like, whaling is when phishers are after the “big phish.” Common examples include a subpoena being delivered to a CFO for fraud or a customer complaint to the director of customer service.
What should I be wary of?
Grammatical errors should always be cause for pause. While copywriters and editors may make the occasional typo in their emails (much to their humiliation when customers start emailing their typos in), companies that phishers try to imitate, like Amazon and MasterCard, can afford to hire good spellers.
Emails that are formatted differently than normal are also warning signs. It’s one thing for a website or logo to get a facelift. It’s quite another for a company that would normally have purchase information in the body of the email to put it in .zip attachment. And can you remember making that purchase to begin with?
Additionally, your credit card company knows your full account number, complete with the exact spelling of your name as it appears on the card, the security code, the billing address, and expiration date. That’s why, for authentication, the credit card company would never ask you for all of that information. Depending on the scope, it typically would ask for one or two pieces of identifiable information, and a security question for verification. And, when in doubt, you can always call the company in question and speak to a representative. He or she will be able to tell you if it’s a legitimate email or not.
Is there anything else I can do to prevent a phishing attempt?
Yes! While it’s great to familiarize yourself with the latest trends in IT security, the easiest way to prevent a phishing attempt on your network is to adopt a layered security approach.
Although there is no “silver bullet” to prevent malware attempts like phishing, a combination of email filtering and Web protection solutions can work together to block malware from gaining access to your network. Email spam and virus filtering is an excellent start to keep malware from being delivered by email, but what about when surfing the Web? Email filtering and Web protection solutions, together, can keep your network safe so you can focus on more important tasks.
If you have questions about how to keep you organization secure from online threats, please contact AppRiver for more information.