Phishing: Don’t Take the Bait

Job descriptions in every industry are widely diverse, and the crime industry is no exception. Whether in real-world crime or cybercrime, criminals specialize. Some criminals steal cars, some crack safes – and the same goes for cybercriminals: some steal data and sell it on the Dark Web, some use Ransomware to extort cryptocurrency from their victims. Some are small time, hitting smartphone users for a few hundred dollars, and some are big time – like the hackers that hit the Colonial Pipeline with ransomware for millions of dollars two years ago.

As quickly as new criminal methods are developed, existing methodologies continue to evolve and adapt. The #1 tactic that cybercrooks use, particularly those that specialize in Ransomware, is still some form of Phishing, and the #1 method of attack is still email, although texting attacks are on the rise.

Phishing schemes are carried out with a number of variations. Fortinet dives deep on the subject, listing 19 types of Phishing attacks with examples.

Among those explained by Fortinet, the top 4 are:
~ Spear Phishing
~ Vishing
~ Email Phishing
~ HTTPS Phishing

A noteworthy sub-category of email phishing that has taken off since 2020 is Reply-Chain Phishing, also known as an email chain attack. The tremendous upswing is a direct result of the COVID surge of employees who now populate the world’s remote workforce.

Standard phishing attacks are easy to spot: a new email arrives in your inbox that is out of the ordinary – things you usually don’t receive like billing inquiries or FedEx tracking alerts. An observant and trained user should be suspicious and forward it to their IT services.

Reply-chain phishing is cagy: the hacker enters an established email conversation – usually between participants with a good measure of trust for each other.

The email credentials of a participant would have been compromised to enable this type of attack. The crook logs in and finds vulnerable email chains the user participates in – preferably one where attachments and/or external internet links are traded back and forth. It is then easy for them, posing as the known user, to send links or attachments containing malware to other participants.

Once the criminal is in control of the user’s email, they can also change the settings so that when a participant who has been infected tries to alert the original user, those emails will go straight into the trash.
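One way a mail administrator could look for the settings change described above, assuming it takes the form of an inbox rule. This is an added example, not part of the original article; the rule export format, field names, folder and keyword lists, and all addresses are constructed for illustration.

```python
# Constructed sample: inbox rules as a mail-admin export might list them.
# The field names are assumptions for this example, not a vendor schema.
SAMPLE_RULES = [
    {"name": "Newsletters", "enabled": True, "from": ["news@vendor.example"],
     "subject_contains": [], "action": "move", "folder": "Newsletters"},
    {"name": ".", "enabled": True, "from": ["Lee@partner.example"],
     "subject_contains": [], "action": "move", "folder": "Deleted Items"},
    {"name": "cleanup", "enabled": True, "from": [],
     "subject_contains": ["phish", "hacked", "did you send"],
     "action": "delete", "folder": None},
    {"name": "Old promo", "enabled": False, "from": ["lee@partner.example"],
     "subject_contains": [], "action": "delete", "folder": None},
]
# Constructed: addresses the mailbox owner has recently exchanged mail with.
SAMPLE_CORRESPONDENTS = {"lee@partner.example", "sam@partner.example"}
TRASH_FOLDERS = {"deleted items", "trash"}
WARNING_WORDS = {"phish", "hacked", "virus", "malware", "did you send"}

def hides_mail(rule):
    """True when the rule deletes mail or files it in a trash folder."""
    if rule["action"] == "delete":
        return True
    return rule["action"] == "move" and (rule["folder"] or "").lower() in TRASH_FOLDERS

def audit_rules(rules, correspondents):
    """Return (rule name, reason) for enabled rules that bury mail from people
    the mailbox owner talks to, or mail whose subject reads like a warning."""
    findings = []
    for rule in rules:
        if not rule["enabled"] or not hides_mail(rule):
            continue  # disabled rules and ordinary filing rules are ignored
        targeted = sorted({a.lower() for a in rule["from"]} & correspondents)
        words = sorted(w for w in rule["subject_contains"] if w.lower() in WARNING_WORDS)
        if targeted:
            findings.append((rule["name"], "hides mail from " + ", ".join(targeted)))
        elif words:
            findings.append((rule["name"], "hides warnings matching " + ", ".join(words)))
    return findings

if __name__ == "__main__":
    for name, reason in audit_rules(SAMPLE_RULES, SAMPLE_CORRESPONDENTS):
        print(f"review rule {name!r}: {reason}")
```

A rule that silently discards mail from people the user actively corresponds with is worth a call to the mailbox owner even when the rule name looks harmless.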

If you notice something odd taking place in an ongoing email conversation – a subtle change in the direction of the discourse, or participants using unusual writing patterns – the hairs on the back of your neck should start to stand on end. If you find yourself wondering, ‘what’s this attachment for?’ then you need to take a closer look.

10 Signs you are Being Phished

With the increase in ransomware attacks that are typically instigated through phishing emails, it is critical to take proactive measures to protect your organization's data and Cybersecurity.

One thing that makes a big difference in reducing an organization's overall risk of infection is having computers that are up to date and patched.

Being vigilant in detecting phishing emails and educating employees in your organization to be proactive is a critical step in protection.

1) Don’t automatically trust the sender
Just because it says it’s coming from a person you know or trust doesn't mean that it is really from them. Be sure to look at the email address to confirm the true sender.

2) Look but DO NOT click
Hover the mouse cursor over parts of the email (links or attachments) without clicking on anything. If the alt text looks strange or doesn't match what the link description says, don't click on it - report it.

3) Check for spelling errors
Attackers are often less concerned about spelling or being grammatically correct than a normal sender would be. However, criminals are getting better about their spelling.

4) Evaluate the salutation
Is the salutation general or vague? Does it say “valued customer” or “Dear [insert title here]”?

5) Beware of emails asking for personal information
Legitimate companies are unlikely to ask for personal information in an email.

6) Be suspicious of urgency
These emails might try to make it sound as if there is some sort of emergency (e.g., the CFO needs a $1M wire transfer, a Nigerian prince is in trouble, or someone only needs $5,000 so they can regain access to their millions that are frozen; of course, there’s a big reward for you).

7) Check the email signature
In business, most legitimate senders will include a full signature block at the bottom of their emails.

8) Be careful with attachments
Attackers like to trick you with really enticing attachments. It might be anything from a list of ‘winners’ that includes you to a fake icon of Microsoft Excel that isn't the spreadsheet you think it is.

9) Don’t believe everything you see.
If something seems slightly out of the norm, it's better to be safe than sorry. If you see something that seems off, report it to your IT support.

10) When in doubt, contact your SOC.
No matter the time of day, no matter the concern, most SOCs (Security Operations Centers) would rather have you send something that turns out to be legit than to put the organization at risk. Don’t worry about being ‘the boy who cried wolf,’ because even if the email is benign, your IT team will appreciate the fact that you’re paying attention. Just don’t routinely send every email you receive.

Frequently Asked Questions

What is the #1 cybersecurity threat today?

A: The #1 threat is Phishing. Given its prevalence, it would be smart to take heed of the tips provided above.

What are some examples of phishing?

A: Any message in which the sender requests or entices you to perform a specific action, such as:
~ Clicking an attachment
~ Enabling macros in a Word document
~ Updating or confirming a password
~ Using a new Wi-Fi hot spot
~ Responding to a social media connection request

What is ransomware in simple terms?

A: With a Ransomware attack, a user clicks on a malicious link or attachment in a phishing email and the system locks up, all data is then encrypted, and a screen appears telling the user that they must pay a ransom for a decryption key that will allow them access to their data again.

How do you know if you have malware?

A: If it’s Ransomware, you will know right away when your screen locks up and demands a ransom. Indications of other infections are:

~ System crashes
~ Computer slows - becomes sluggish
~ A barrage of unwanted ads
~ Loss of disk space
~ Browser settings/home page are suddenly changed
~ Increased internet activity
~ Loss of access to files/applications
~ Antivirus turns off

How secure is your network?

As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and security assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our IT Services.

The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.

We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Among the Managed IT services we provide:

IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
