Posts Tagged Phishing

How To Identify Signs Of A Phishing Attempt?

Organizations of all sizes are subjected to regular, highly sophisticated phishing attempts. Expecting IT and security teams to identify and combat every phishing attack solely through technology is impractical. Phishing can take many forms, but it is essentially any email attack aimed at getting the recipient to take a specific action. Phishing emails are now meticulously researched and crafted to target specific recipients. So, how can you raise awareness and train your team to recognize a phishing email?

Phishing emails frequently include a variety of red flags that, if detected by the recipient, can prevent the attack from succeeding. The red flags below help you judge whether an email is genuine:

  1. Addressing, greeting, and context of the email: When reading a phishing email, the first thing that generally raises suspicion is the wording, tone, and figures of speech. Often, someone impersonating a coworker suddenly becomes overly familiar, or a supposed family member becomes a little more formal than usual.
  2. Unfamiliar-looking email IDs and URIs: Looking for suspicious email IDs, URIs (Uniform Resource Identifiers), and domain names is another simple way to spot a potential phishing scam. Double-check the originating email ID against previous correspondence with the same sender. If the email contains a link, hover the pointer over it to see the actual destination. Don’t click if the domain shown doesn’t match the link text.
  3. Threats or a high level of urgency: Any email that threatens unpleasant repercussions should be viewed with caution. Another strategy criminals use is to convey a sense of urgency to encourage, or even demand, immediate action from the recipient in order to rattle them. The fraudster expects that a recipient who reads the email quickly will not review the content thoroughly, allowing other phishing-related irregularities to go unnoticed.
  4. Attachments are the root of all evil: Be wary of emails with attachments from an unknown sender. If you did not request or expect a file from the sender, do not open the attachment. If the attached file has an extension you have never heard of, be cautious; you can submit it for an anti-virus scan before opening it.
  5. Irrelevant follow-ups: If a follow-up to previous correspondence requests something unusual, it could be a sign of fraudulent communication. For example, if an email purports to be from the IT team and asks you to install a program or click a link to patch your machine, whereas all patching is normally handled centrally, that is a strong indication that you have received a phishing email and should not follow its instructions.
  6. Concise and precise: While many phishing emails are crammed with information to give a false sense of security, others are deliberately sparse to capitalize on the recipient’s uncertainty. A scammer may send an email impersonating a familiar contact with some vague text, for example “Are you up for a profitable business venture with me?” and an attachment named “Business Proposal”. These emails are usually sent to 9-to-6 working professionals who are looking to earn a side income apart from their primary profession.
  7. Recipient didn’t initiate the email thread: Since phishing emails are unsolicited, a common red flag is an email informing the recipient that he or she has won a reward. The recipient is lured into replying to qualify for a prize, or promised a discount for clicking a link or opening an attachment. If the recipient did not initiate the dialogue by opting in to receive marketing materials or newsletters, there is a significant likelihood that the email is questionable.
  8. PII (Personally Identifiable Information) requested: An attacker creates a false landing page to which users are directed via a link in an official-looking email; the page then asks for credentials, payment information, or other personal information.
  9. Grammatical errors: Poor grammar and spelling are another prevalent symptom that raises a red flag. Since most firms have spell check enabled in their email client, you would expect emails from a professional source to be free of language and spelling errors.
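Several of the red flags above (an unfamiliar sender domain, a display name that contradicts the real address, replies silently routed elsewhere, urgency wording, requests for credentials, and unexpected attachments with risky extensions) can be checked mechanically before a message reaches a mailbox. The Python script below is an added example written for this page, not code from Centex Technologies. The organization domain, the set of previously seen sender domains, the keyword lists and both sample messages are constructed for the example.

```python
"""Score a raw RFC 822 message against the phishing red flags above (example code)."""
from email import message_from_string, policy

# Constructed for this example: our own domain and the sender domains seen in
# previous legitimate correspondence (red flag 2: compare against past mail).
OWN_DOMAIN = "example.com"
KNOWN_SENDER_DOMAINS = {"example.com", "partner.example.org"}

# Constructed keyword lists; a real deployment would tune these from its own mail.
URGENCY_WORDS = ("urgent", "immediately", "within 24 hours", "account will be suspended")
CREDENTIAL_WORDS = ("password", "login credentials", "verify your account", "social security number")
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".hta", ".iso", ".docm", ".xlsm")


def _domain(address):
    """Lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def _first_address(msg, header):
    """(display name, addr-spec) of the first mailbox in a header, or ('', '')."""
    hdr = msg[header]
    if hdr is None or not hdr.addresses:
        return "", ""
    return hdr.addresses[0].display_name, hdr.addresses[0].addr_spec


def red_flags(raw_message):
    """Return a list of (flag, detail) tuples; an empty list means nothing fired."""
    msg = message_from_string(raw_message, policy=policy.default)
    flags = []

    from_name, from_addr = _first_address(msg, "From")
    from_domain = _domain(from_addr)

    # Red flag 2: sender domain never seen in previous correspondence.
    if from_domain not in KNOWN_SENDER_DOMAINS:
        flags.append(("unknown-sender-domain", from_domain))

    # Red flag 2: display name contains an address whose domain differs from
    # the real sender domain (the classic "ceo@ourcompany" display-name trick).
    if "@" in from_name and _domain(from_name) != from_domain:
        flags.append(("display-name-spoof", f"{from_name} <{from_addr}>"))

    # Replies would go to a different domain than the visible sender.
    _, reply_addr = _first_address(msg, "Reply-To")
    if reply_addr and _domain(reply_addr) != from_domain:
        flags.append(("reply-to-mismatch", reply_addr))

    # Red flags 3 and 8: urgency/threat wording and credential requests.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = (str(msg.get("Subject", "")) + "\n" + (body.get_content() if body else "")).lower()
    hits = [w for w in URGENCY_WORDS if w in text]
    if hits:
        flags.append(("urgency", ", ".join(hits)))
    hits = [w for w in CREDENTIAL_WORDS if w in text]
    if hits:
        flags.append(("credential-request", ", ".join(hits)))

    # Red flag 4: attachment with an executable or macro-bearing extension.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            flags.append(("risky-attachment", name))

    return flags


# Constructed sample messages: one CEO-impersonation phish and one clean email.
SAMPLE_PHISH = """\
From: "Dana Reyes ceo@example.com" <ceo.office@example-com-mail.net>
Reply-To: dana.reyes@mailbox.invalid
To: alice@example.com
Subject: URGENT: action required within 24 hours
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain; charset="utf-8"

Please verify your account and send your login credentials immediately, then run the attached patch.

--XYZ
Content-Type: application/octet-stream; name="patch.exe"
Content-Disposition: attachment; filename="patch.exe"
Content-Transfer-Encoding: base64

aGVsbG8=
--XYZ--
"""

SAMPLE_CLEAN = """\
From: "Bob Lee" <bob.lee@example.com>
To: alice@example.com
Subject: Lunch on Thursday?
Content-Type: text/plain; charset="utf-8"

Are you free for lunch on Thursday? Bob
"""

if __name__ == "__main__":
    for flag, detail in red_flags(SAMPLE_PHISH):
        print(f"{flag:24s} {detail}")
    print("clean message flags:", red_flags(SAMPLE_CLEAN))
```

Each check maps back to one numbered red flag, so a SOC can report to the user which rule fired rather than a bare "suspicious" verdict; keyword lists are the weakest part of such a scorer and should be treated as a triage hint, not a verdict.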

Sifting through the many reports employees submit, to eliminate false positives, is difficult and cumbersome. So, how can a business prevent phishing emails and spot phishing attacks? One strategy is to give priority to reports from individuals who have a history of correctly recognizing phishing messages. These prioritized reports help the SOC (Security Operations Center) team respond quickly to possible phishing attempts, which reduces the risk to employees and business partners who could fall prey to such campaigns.
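The prioritization strategy just described can be implemented as a small triage queue: each reporter carries a track record of confirmed and dismissed reports, new reports are ranked by the reporter's smoothed accuracy, and the SOC's verdict feeds back into the record. The Python below is an added example for this page, not code from Centex Technologies; the reporter names, counts and report subjects are constructed.

```python
"""Rank user-submitted phishing reports by the reporter's track record (example code)."""
from dataclasses import dataclass


@dataclass
class Reporter:
    """One employee's history of phishing reports, as judged by the SOC."""
    name: str
    confirmed: int = 0   # reports the SOC confirmed as real phishing
    dismissed: int = 0   # reports the SOC closed as false positives

    def accuracy(self):
        # Laplace smoothing: a brand-new reporter scores 0.5 rather than 0 or 1,
        # so a single lucky or unlucky report does not dominate the ranking.
        return (self.confirmed + 1) / (self.confirmed + self.dismissed + 2)


@dataclass
class Report:
    """A submitted "this looks like phishing" report awaiting triage."""
    report_id: str
    reporter: str
    subject: str


def prioritize(reports, reporters):
    """Return the queue sorted highest-priority first, without mutating it.

    Reporters with no history get the neutral 0.5 score; sorting is stable,
    so reports with equal scores keep their submission order.
    """
    def score(report):
        rep = reporters.get(report.reporter)
        return rep.accuracy() if rep else 0.5
    return sorted(reports, key=score, reverse=True)


def record_verdict(reporters, name, confirmed):
    """Feed the SOC's verdict back into the reporter's track record."""
    rep = reporters.setdefault(name, Reporter(name))
    if confirmed:
        rep.confirmed += 1
    else:
        rep.dismissed += 1
    return rep


if __name__ == "__main__":
    # Constructed history: alice is usually right, bob has only reported newsletters.
    history = {
        "alice": Reporter("alice", confirmed=9, dismissed=1),
        "bob": Reporter("bob", confirmed=0, dismissed=5),
    }
    queue = [
        Report("r1", "bob", "Your weekly newsletter"),
        Report("r2", "carol", "Password reset required"),
        Report("r3", "alice", "W-2 forms needed today"),
    ]
    for r in prioritize(queue, history):
        print(f"{r.report_id} from {r.reporter:6s} score={history.get(r.reporter, Reporter(r.reporter)).accuracy():.2f} {r.subject}")
```

With the constructed history the queue comes out alice, carol, bob: a proven reporter first, an unknown one in the middle, and a reporter whose past submissions were all false positives last. The feedback call is what makes the ranking improve over time; without it every reporter stays at the neutral score.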

To know more about various cyber-attacks and methods to prevent them, contact Centex Technologies at (254) 213 – 4740.


What Is A Whaling Attack?

PDF Version: What-Is-Whaling-Attack


What Is A W-2 Phishing Attack?

W-2 phishing is launched with the intention of stealing your tax refund. More than 100 employers fell victim to W-2 phishing attacks in the first 10 weeks of 2017, putting 120,000 taxpayers at risk of identity fraud. According to statistics from IRS Return Integrity Compliance Services, reports of W-2 phishing emails increased by 870% in 2017, and the figures are quite alarming.

How Is It Launched?

The cybercriminal sends an email impersonating the CEO of the company. The email contains an urgent request to send employee tax information. On receiving the email, the targeted employee often sends the file, handing confidential and personal employee information to the fraudsters.

W-2s are important forms attached when one files a tax return. A W-2 contains a person’s confidential information such as name, address, income and social security number. Employees’ sensitive information is harvested from W-2s to commit identity fraud.

Following are some ways in which this information can be misused –

  • Claim a fraudulent tax refund using your social security number
  • Take out a loan in your name
  • Open a new credit card
  • Make payments from your account

Ways To Protect Yourself From W-2 Phishing Attack

  • Raise Awareness – Since W-2 phishing attacks are on the rise, it is important to keep your staff aware of the scam. Educate your employees on a regular basis about recent phishing scams. It is especially important that the staff who handle financial statements and tax information are aware of the W-2 scam and similar threats.
  • Set Relevant Policies – To protect your company from such attacks, it is important to set specific policies and communicate them to your employees. There should be policies that decide what kinds of requests may be handled through email. For example, when there is a policy that top executives will never ask for sensitive information via email, the concerned employees will not be deceived by a fraudulent email asking for employee data. It is also important to be vigilant when responding to any email.
  • Flag Spam Emails – If you are able to identify a W-2 phishing email, flag it and forward it to your employer and other concerned employees to prevent them from falling into the trap.
  • Verify The Sender – Make sure that your employees do not reply to an email sent from an untrusted source. Follow the practice of reconfirming any request for confidential information with the concerned executive before actually sending it. It is important to stay alert about such attacks so that preventive measures can be taken well in advance.

For more information about IT Security, call Centex Technologies at (254) 213-4740.


What Is Vishing & How To Avoid It

Vishing is the term used for voice or VoIP (voice over IP) phishing. It is a social engineering attack launched with the primary goal of extracting a user’s confidential information, and it is usually carried out using automated dialing and voice synthesizing equipment.

Vishing works like any other phishing scam. The impostor generally pretends to be someone from a bank or a government representative seeking information. Sometimes, the fraudster may use a synthesized voice or recorded messages to disguise himself. The attack is launched with the intention of gaining access to a person’s PIN, credit card details, passwords, social security number and so on. In most cases, the scammer succeeds in making the victim part with their credentials.

When a vishing attack is launched, one of the following happens:

  • The victim receives a call. On answering, an automated voice system asks the victim for their personal information.
  • Sometimes, a fraudster calls the victim and tells them to call their bank to avail of an offer or to provide certain information. The victim hangs up to dial the bank’s number, but the fraudster does not hang up and keeps the line open. The victim hears a spoofed dial tone and another scammer answers the call, impersonating a bank official to steal the required information.

How Do They Obtain Your Number?

There are several ways in which fraudsters obtain your number. Some of these are:

  • Using stolen phone information
  • Auto-generated numbers
  • Numbers and details compromised in a previous data breach

Techniques Used By Them

  • Impersonating Genuine Callers – There is a high probability that these scammers already have your personal information and address you the way a genuine caller would.
  • Holding The Line – Sometimes, cyber criminals keep your call open. When you hang up and call back, they direct your call to another scammer.
  • Sense Of Urgency – The most common approach is to incite fear. The caller makes the victim believe that their money is in danger; the victim then acts hastily without thinking and makes the mistake of sharing confidential information with the fraudster.
  • Phone Spoofing – The number the call appears to come from looks genuine, so you believe what the caller says and often end up sharing your login credentials or passwords.

How To Avoid Them

  • Never Share Your Personal Information Over The Phone – Even if you pick up a call that seems to be from a legitimate caller, never share your personal information over the phone. No bank or government institution will ask you to provide your credentials over the phone. If a caller does, ask for the caller’s name and tell them you will call back later. Look up the bank’s official number and inquire about the call. If something seems suspicious, chances are the call was a vishing attack aimed at you.
  • Use A Caller ID App – There are numerous apps, such as Truecaller, that let you see a caller’s identity. Such an app has billions of spam numbers in its database, and if you come across such a number you can add it to the spam database as well.

For more information on IT Security, call Centex Technologies at (254) 213-4740.


Common Phishing Attacks And How To Protect Against Them

Phishing attacks are launched to steal sensitive user data such as passwords and login credentials. The attacker generally masquerades as a legitimate sender and sends an email, message or link laced with malware. It is a type of social engineering attack that can have devastating results. There are numerous types of phishing attacks; here we have listed a few:

Deceptive Phishing
It refers to an attack in which a hacker deceives the user by impersonating a legitimate website and steals the person’s personal information. An email with malicious content, often posing as a threat or urgent message, is sent to pressure the user into clicking it. For example, the attacker may send the user an email posing as a message from their bank regarding some discrepancy in the account. The user, often in haste, clicks the link and is directed to an illegitimate site that steals their passwords and login credentials.

Spear Phishing
The hacker personalizes the attack. Emails are specifically addressed and mention the target’s name, position, company name and so on to win the user’s trust. This is done to dupe the user into clicking the malicious link. Once the user parts with their confidential information, their login credentials and sensitive data are stolen.

Whaling
In this type of attack, executives at the highest level are targeted. Top-level employees generally do not undergo security awareness training, which is why they are prone to whaling. The attacker approaches the executives with specially crafted emails or social engineering. The attacker then launches a BEC (Business Email Compromise) scam, using the executive’s email account to initiate fraudulent wire transfers to a financial institution.

Pharming
This attack relies on DNS (domain name system) cache poisoning. DNS converts the alphabetical website name into the numerical IP address used to locate the server; by poisoning a cached DNS answer, the attacker directs the user to a malicious website even when the user typed the correct website name.

Mimic Phishing
An authentic website such as Google Docs or Dropbox is mimicked to lure users into signing in. This way their passwords and login credentials are stolen.

How To Protect Yourself Against Such Attacks –

  • Carefully check the URL of a website before clicking on it.
  • Organizations must conduct employee training programs in which every employee participates.
  • Companies must invest in software that can analyze inbound emails in order to keep a check on malicious links and email attachments.
  • Financial transactions should not be authorized through email.
  • Only enter websites whose address begins with https, as such sites are more secure.
  • Install a high quality anti-virus and update your system on a regular basis.

For more information on IT Security, call Centex Technologies at (254) 213-4740.
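The first and fifth protections above (check the URL before clicking, prefer https), red flag 2 of the first post on this page (hover over a link and compare the domain with what the link text shows) and the Mimic Phishing section (a Google Docs or Dropbox look-alike) all come down to inspecting the links in a message body. The Python below is an added example written for this page, not code from Centex Technologies: it extracts every anchor from an HTML body, flags plain-http links, flags links whose visible text names a different host than the real destination, and flags hosts that imitate a trusted domain either by character substitution or by using the brand name as a subdomain of an unrelated domain. The trusted-domain list, the confusable-character table and the sample HTML are constructed for the example. Note that https on its own is not proof of legitimacy, which is why the domain checks run on https links too.

```python
"""Inspect links in an HTML email body for phishing indicators (example code)."""
import difflib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed for this example: sites the organization expects users to sign in to.
TRUSTED_DOMAINS = {"example-bank.com", "docs.google.com", "dropbox.com"}
# Digits commonly substituted for letters in look-alike domains (constructed table).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(value):
    """Host of a URL, or of bare text such as 'example-bank.com/login'."""
    parsed = urlparse(value if "://" in value else "//" + value)
    return (parsed.hostname or "").lower()


def _registered(host):
    """Last two labels of a host ('login.example-bank.com' -> 'example-bank.com')."""
    return ".".join(host.split(".")[-2:])


def _lookalike(host):
    """Return the trusted domain this host imitates, or None if it is trusted or unrelated."""
    reg = _registered(host)
    if host in TRUSTED_DOMAINS or reg in TRUSTED_DOMAINS:
        return None
    normalized = reg.translate(CONFUSABLES).replace("-", "")
    for trusted in TRUSTED_DOMAINS:
        target = _registered(trusted).replace("-", "")
        # Exact match after undoing digit substitution, or a near match (one or two
        # characters off) as measured by difflib's similarity ratio.
        if normalized == target or difflib.SequenceMatcher(None, normalized, target).ratio() > 0.9:
            return trusted
    for trusted in TRUSTED_DOMAINS:
        # Brand name used as a subdomain of some other registered domain.
        if _registered(trusted) in host:
            return trusted
    return None


def check_links(html_body):
    """Return a list of (href, problem) pairs; an empty list means every link passed."""
    collector = _LinkCollector()
    collector.feed(html_body)
    problems = []
    for href, text in collector.links:
        url = urlparse(href)
        host = (url.hostname or "").lower()
        if url.scheme != "https":
            problems.append((href, "not-https"))
        # If the visible text itself looks like a URL or host, it must match the destination.
        shown = _host(text) if ("." in text and " " not in text) else ""
        if shown and shown != host:
            problems.append((href, f"text-shows-{shown}"))
        mimic = _lookalike(host)
        if mimic:
            problems.append((href, f"lookalike-of-{mimic}"))
    return problems


# Constructed sample body: one digit-substitution look-alike whose link text shows
# the real bank, one brand-as-subdomain link over plain http, and one genuine link.
SAMPLE_HTML = """<p>Dear customer,</p>
<p>Your statement is ready: <a href="https://examp1e-bank.com/login">https://example-bank.com/login</a></p>
<p>Shared file: <a href="http://dropbox.com.login-verify.net/file">Open in Dropbox</a></p>
<p>Docs: <a href="https://docs.google.com/document/d/abc">Open document</a></p>
"""

if __name__ == "__main__":
    for href, problem in check_links(SAMPLE_HTML):
        print(f"{problem:32s} {href}")
```

The sample produces four findings across the first two links and none for the genuine Google Docs link. The visible-text comparison is the automated form of the hover-over-the-link advice; the look-alike test catches the Mimic Phishing pattern that a scheme check alone misses, since a fraudulent site can be served over https just as easily as a genuine one.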
