Foundations - The IT Blog for SMB

Foundations - The IT Blog for SMB

Going Phishing?

Posted by Alden Gleason on October 24, 2017 9:00:00 AM CDT
Find me on:
Going_Phishing.jpg
Phishing is a technique hackers use to convince individuals into giving up their usernames, passwords and other personal information. The concept is simple, send an email that looks official from a friend, colleague or service provider. That email contains a link to a login form that looks and behaves like websites we use everyday. The person receiving the email doesn’t think twice about entering their normal login. Now the hacker is now in possession of their stolen identity. The hack doesn’t stop there. Next the hackers will use the new stolen identify to convince others to login to their malicious website. The hack will continue to work up in an organization until they reach the credentials of top executives. These executives typically have access to internal documents, finical data, proprietary information and hold access to critical systems that support the organization.

Spearfishing is when an attacker focuses his efforts on one specific target. The hacker will collect personal details about a specific individual through their social media profiles, blogs and public databases. This will help them form a bait email that has a higher likelihood of success. Once someone has fallen victim, the hackers will install a backdoor into the users computer and begins exploring the network moving latterly from device to device. Once the attackers locate what they are looking for they will send a copy of the data to their servers. Many sophisticated attacks will attempt to remove traces and logs to prevent discovery of what has occurred.
 

Texas 24 believes in a layered approach to stop successful phishing attacks
:
 
  1. Identify
    Learn to identify phishing attacks. Start a discussion with your coworkers and participate in online training courses to teach you how to identify a threat.

  2. Block
    Invest in security products that will prevent employees from accessing potentially harmful or malicious websites. 

  3. Alert
    Subscribe to services that monitors the Dark Web and other private sources to be alerted when a breach occurs.
 
One of the most common questions is what does a Phish look like? 
It's important to remember that a Phish comes in all shapes and sizes, some may even use your company logos. The following is an example of an email we received from a vendor we do business with. 

Phish_Email.jpg
When we follow the link, which appears to be a pdf document, we are directed to a web page that looks similar to the office 365 portal. 

Phish_Screenshot1.png
 
After selecting the Office 365 logo, we are prompted for our credentials on a page that looks like the office 365 sign in portal.
 

Phish_Screenshot2.pngHere are some tips to help you identify Phishing emails:

  1. Are you expecting an email from that individual with an attachment or link?
  2. Does the from email address match the senders name?
  3. Does the email contain any discrepancies in the way its written? Spelling, Grammar, Company names etc.
  4. Is the time the email sent a normal time you'd expect to receive an email?
  5. Scroll your mouse over any links without clicking to check to see if they are going to known websites. In the following example you can see the link goes somewhere suspicious. 
    bad_link.png

While these tips are helpful, they are not foolproof. Contact us today, and we can build your organizations information security strategy. 

 Schedule an Evaluation

Topics: Phishing, Malware, Managed Security, Security, Patches