Four Phishing Attacks to Look Out For
May 13, 2019

Phishing attacks are still prevalent and organizations are continuously being targeted. According to a report from Proofpoint, 83% of businesses say they experienced a phishing attack in 2018. Phishing attacks are used to steal credentials/data and spread malware and ransomware to businesses. Just last month the city of Ottawa fell victim to a phishing scam and wired $130,000 to scammers.

Source: Proofpoint

Phishing attacks work because hackers are good at making their messages seem legitimate and people are not always paying attention when reading emails. Here are 4 types of phishing attacks and steps you can take to combat them.

1. Phishing messages via SMS or Messaging apps

Although phishing emails are still prevalent, hackers are also utilizing other forms of communication, such as text messaging and messenger apps, to target potential victims. These types of phishing attacks are similar to what you’ll see in email; the only difference is the method of communication. For example, instead of getting an email saying your account is compromised, you will get a message via text with a link. In some cases, they may send a phishing email but request the correspondence to continue via text and ask for your mobile number.

How to combat

Education and awareness is key to fighting phishing attacks. Employees should be enrolled in cyber awareness training at least once a year to make sure they are updated on the latest attack vectors. Cyber awareness training will also help employees think more critically about navigating online and learn how to build good security habits. They should never engage with unknown senders or click on any links in suspicious emails.

2. Business Email Compromise (BEC)

BEC scams involve impersonating a CEO or executive of a company or a business supplier/partner. The hackers then request a wire transfer of money or for the user to purchase gift cards. These scams usually involve building a rapport with the potential victim in order to build trust or having knowledge of a business’ suppliers to seem more legitimate. According to the FBI, BEC caused losses of $1.3 billion in 2018.

How to combat

Implement a warning message when users receive messages that originate from outside the organization. This can remind users to look closely at the emails they receive and to not download attachments/files from unknown senders. This can also help combat CEO fraud as messages from executives should originate from within the organization.

3. Credential attacks

Hackers targeting credentials will send phishing messages that try to steal them. This usually done by sending a message that entices you to log in. These messages can say you need to change your password or that there was a suspicious login. Some may say you have a tax refund or target credentials to your accounts on streaming services. These types of attacks will also provide a link to a fake website that looks legitimate. When you log in using these spoofed links, the hackers will be able to gain access to your credentials. This opens up the threat of malicious insider attacks, where hackers can use compromised credentials to steal data or spread more phishing emails to clients or business partners.

How to combat

To avoid clicking on fake websites, you should always hover over the link and inspect the URL before you click on it. If you are unsure if it’s legitimate, you should type in the website directly into the search bar.

4. Clone phishing

This attack takes a legitimate email and copies or “clones” the email to include a malicious link. This attack can be difficult to spot because it’s based on a previously delivered email. The attackers will also spoof the return email address so that it closely resembles the original sender.

How to combat

Implementing a secure email solution can help detect threats like phishing and spam. Secure IT – Mail includes several security features like Advanced Threat Protection to scan for suspicious email attachments, malware and malicious links.  Additionally, you can backup and archive your emails with Secure IT – Mail.

You May Also Like…

0 Comments

Submit a Comment

Your email address will not be published.

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecurity Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Helpdesk & Field Services Solutions

Monitoring and Management Solutions

Professional Services & Consulting Solutions

Public and Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Your Partner in Digital Transformation

Helping the Next Generation of MSP and IT Solution Providers Transform and Grow

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.

progress

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn About Us and The Legacy We Have Created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.

progress

Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.

progress

Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!