facebook linkedin twitter

Computerware Blog

Let’s Take a Look at Phishing Attacks

Let’s Take a Look at Phishing Attacks

Phishing attacks are growing in number and it presents a major challenge for businesses. The many different forms that these attacks come in just exacerbates the problem. Today, we will take a brief look at phishing to help you educate your staff on what they entail and how to mitigate the massive risk that comes with them. 

Phishing Attacks

A phishing attack comes in as communication from a trustworthy source as to fool the recipient to interact with it. This could be in the form of an email, a text message, a phone call, or really any other form of direct communication. The goal is to manipulate the recipient into providing access credentials to network-attached resources so they can steal data or deploy malware. 

Since phishing can come in several different forms, it is an effective way to breach your network defenses because the scammers are given access, they don’t have to try and outright breach your network defenses, which in many cases are extremely hard to hack into. Let’s take a look at some of the ways these scams are disseminated.

Business Email Compromise

In a business email compromise scam, the scammer will send an employee an email that, at first glance, comes from an authority figure inside of the business. The messages will be quite vague, but direct the recipient into taking some type of action that will allow the hacker to gain access to resources. Many employees will not think twice when their manager tells them to complete a task, so phishing attacks of this type are successful because people don’t take the time to ascertain that the message isn’t actually from anyone. 

Hackers use this method because they work. In Q2 of 2020, successful business email compromise scams averaged $80,193. 

Clone Phishing

One of the most successful phishing scams is using a clone of a message a recipient would have seen before. By gaining access to data beforehand, the hacker can customize a message that looks like one they have received previously. Typically, this type of familiarity removes any suspicion that the message is actually from a scammer. The links are altered to reroute to a site where scammers collect more information. Pretty crafty way to steal credentials. 

Smishing

Email may be the predominant way that phishing is pushed to people, but it isn’t the only way. Smishing attacks are carried out through text messaging. Most people are much less careful about opening and interacting with text messages than they are with their email, and as a result scammers have started pushing phishing messages that look like legitimate messages through SMS. If you also consider that mobile devices often don’t uphold the same security standards that PCs do, users are more vulnerable through an SMS attack. 

Spear Phishing

The spear phishing attack is probably the most dangerous of the phishing scams. First of all it is deliberately designed for a single user. The hacker, in this case, has already done their due diligence and chose their target based on information they already have about the target. Since these attacks take more time to properly execute, spear phishing is typically carried out against high-value targets. The success rate of these attacks are significantly higher than your average, run-of-the-mill phishing attack

Vishing

Another take on phishing, vishing is just phishing over the phone. A scammer will call a target under the guise of a salesperson or finance professional, and because of their perceived legitimacy, the scammer can typically extract information that will help them gain access to computing resources, or at the very least the target's personal or financial information.  

Whaling

Whaling is a phishing attack, typically a spear phishing attack, aimed at business owners, decision makers, and executives at businesses. These attacks, because they are aimed at people who have access to everything, often are well planned; and, if successful often result in the biggest bounty for the perpetrator.

Phishing is a Serious Threat

You need to have a strategy in place to combat phishing as it is not going anywhere, anytime soon. If you would like to talk to one of our consultants about developing a plan to train your people about phishing attacks and what to do if they come across one, give us a call at (703) 821-8200 today.

Different Communication Applications to Assist You...
How To Keep Burnout From Impacting Your Productivi...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, January 23, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Software Internet Cloud Data Hackers Business Management Workplace Tips Hardware Network Security Microsoft Productivity Backup Business Hosted Solutions Email Managed Service Provider Productivity IT Services Saving Money Malware Efficiency Innovation Google Small Business Collaboration Computer User Tips IT Support VoIP Data Backup Quick Tips Smartphones IT Support Network Data Recovery communications Mobile Devices Microsoft Office Business Continuity Android Disaster Recovery Gadgets Smartphone Cybersecurity Phishing Communication Social Media Upgrade Mobile Office Server Virtualization Mobile Device Miscellaneous Users Mobile Device Management Managed IT Services Windows Ransomware Passwords Holiday Operating System BDR Vendor Management Outsourced IT Internet of Things Tech Term Apps Windows 10 Remote Monitoring Facebook Unified Threat Management Automation BYOD Mobile Computing Data Management Remote Computing Apple WiFi Managed IT services Analytics Covid-19 Windows 10 Training History Marketing Spam The Internet of Things Cloud Computing Managed Service Browser Help Desk Artificial Intelligence Save Money Business Technology Firewall Big data App Bandwidth Health Encryption Alert Office 365 Budget Information Technology Two-factor Authentication IT Consultant Office Information Maintenance Printer Hard Drives Content Filtering Managed IT Going Green Gmail Access Control VPN Government Windows 7 Wi-Fi Networking Bring Your Own Device Cybercrime Blockchain Antivirus Search Cost Management Healthcare Document Management Hiring/Firing Virus Tech Support Best Practice Lithium-ion Battery Computers Saving Time Recovery Employer-Employee Relationship Remote Work Retail Wireless Technology Outlook Windows 8 Hacking Computing Avoiding Downtime Humor Project Management Vendor Money iPhone Customer Service IBM Phone System Conferencing Storage Augmented Reality Travel It Management Education Data Security Patch Management Update Data Loss Risk Management Value Password Hacker Save Time SaaS Data Breach Router Downtime Remote End of Support File Sharing Hard Drive Law Enforcement Mobility Applications Compliance Proactive IT Solid State Drive Computer Repair Running Cable Data storage Flexibility Wireless Customer Relationship Management Meetings Current Events Intranet Website Twitter Laptop Voice over Internet Protocol PowerPoint Legal Administration Regulations Fax Server Scam Net Neutrality Cortana Management Paperless Office Chrome Employee/Employer Relationship Business Intelligence Sports Digital Payment Vulnerabilities Disaster Cooperation Hosted Solution Robot Digital Websites Google Maps Comparison Tablet Securty User Company Culture Social Engineering Virtual Desktop Software as a Service Social Networking Excel Social Black Market Employees DDoS Cryptocurrency Private Cloud Business Growth Telephony Monitoring Machine Learning Word Telephone Systems Multi-factor Authentication YouTube Lifestyle How To Managed Services Redundancy Telephone Unified Communications Settings Public Cloud Licensing Managed IT Service Inbound Marketing Processors Identity Theft Evernote Notifications Virtual Assistant Computer Accessories USB Processor Presentation Smart Devices IT service Pain Points Politics Start Menu Tech Terms Trending Virtual Reality Emails Mouse Specifications Safety Video Conferencing Automobile Mobile Technology Distribution Bluetooth Solutions Chromebook Programming Professional Services eCommerce Uninterrupted Power Supply Statistics Documents Computing Infrastructure Hack Heating/Cooling Network Congestion Vulnerability Entertainment How To Teamwork Bitcoin Cost Memory Integration Google Docs Download Gaming Console User Error Holidays Data Protection Experience Co-managed IT Streaming Media Monitors Cleaning Taxes Managed Services Provider Text Messaging Downloads Webcam Office Tips Microchip Time Management eWaste Distributed Denial of Service Display Shortcut 2FA Displays Employer Employee Relationship SSID Managing IT Services Society G Suite Dark Web Free Resource Assessment SharePoint Micrsooft Hacks Physical Security Processing Tip of the week Device Management Troubleshooting 3D Ebay Wireless Headphones Surveillance Health IT Google Calendar Entrepreneur Thin CLient Migration Connected Devices Telework Wasting Time Touchscreen News HIPAA Content Management Equifax IT Fleet Tracking Relocation Best Practives Tablets Logistics Virtual Machines VoIP Smart Phones Environment Business Managemenet Network Management Remote Workers Drones Banking Botnet Competition Device security MSP Cyber security Knowledge Electronic Payment Virtual Private Network Sync Bookmark Consultation Finance FinTech CCTV Microserver Google Play Telephone Service Business Owner online Currency Adminstration Pirating Information Nanotechnology Development Social Network Permissions Language Employer/Employee Relationships Technology Tips Leadership Desktop Managing Costs Fake News IP Address Startup Asset Tracking Reliable Computing Microsoft 365 Audit Business Cards Service Level Agreement Data Storage Business Metrics Computer Malfunction Data Warehousing Application Username Reviews switches Writing Get More Done Medical IT Trend Micro LinkedIn Human Resources Unified Threat Management Backup and Disaster Recovery Procurement Music In Internet of Things Browsers Gamification Organization Upgrades Turn Key Security Cameras Threats Emergency Hard Drive Disposal Screen Reader Customer Resource management Printer Server User Tip Proactive Maintenance Access Navigation Virtual Machine Microsoft Excel Archive Smart Tech Communitications LiFi Scalability Trojan Computer Care Skype Piracy Upload PCI DSS Motion Sickness Google Drive Windows Server 2008 Digital Signature Upselling HTML Shopping Messenger Tracking Fiber-Optic Database Supply Chain Management Organize Data Analysis Mobile Security AI Deep Learning Rental Service GDPR Managing Risk Video Surveillance Internet Service Provider Telephone System Work/Life Balance Printers SQL Server Spyware Mobile Payment Point of Contact Tech Hypervisor Multi-Factor Security IT Assessment Visible Light Communication Cabling Electricity Printing Saving ZTime Software License Trends Regulations Compliance Web Server Devices Gig Economy IT consulting Books Workers PDF Fraud Tactics Remote Working Administrator Fileless Malware Hybrid Cloud Best Available Harddrive Keyboard Analytic UTM Content Supply Chains Supercomputer Modem Strategy Recycling Debate Webinar Proxy Server Azure cache Television Term GPS Domains Legislation Electronic Health Records Error Advertising Flash Worker Electronic Medical Records Transportation WannaCry Product Reviews IT Plan Enterprise Resource Planning Financial Data CIO Freedom of Information Public Speaking Read Accountants Memes A.I. Smartwatch Windows XP Reading Samsung Recording Optimization Corporate Profile External Harddrive email scam Addiction Staffing Google Wallet Directions CrashOverride CES Personal Information Capital Financial Productuvuty Managing Stress Regulation 3D Printing

toner1