Cybercrime is on the rise, and hackers are using any opportunity to take advantage of an unknowing victim to gain access to personal information for financial gain. The new ‘work from anywhere world’ puts everyone at risk to cyber attacks, especially because threats are harder to track over home networks. The blurred lines between home and work create security nightmares if safety protocols are ignored, or don’t exist. One commonly used tactic is phishing.
Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing a person’s sensitive data. If your employees fall prey to phishing scams while working from home, it can affect your company network by transferring malware and viruses over internet connections. One phishing email has the power to cause downtime for your entire business and unfortunately the scams are getting more sophisticated on a daily basis, thus harder to detect.
Here Are Five Different Types Of Phishing Attacks To Avoid:
1. Spear Phishing
Attackers pass themselves off as someone the target knows well or an organization that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is used to exploit the victim.
Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organization, to boost credibility. This approach also targets other high-level employees within an organization as the potential victims and includes an attempt to gain access to company platforms or financial information.
3. Mass Campaigns
Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated.
4. Ambulance Chasing Phishing
Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic. According to Google, it has been reported that cybercriminals have sent an estimated 18 million hoax emails about COVID-19 to gmail users every day.
Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail) to set an expectation that they’ll be sending something seemingly legitimate in the near future only to send an email that contains malicious links.
What To Do If You Think You’ve Received A Phishing Email?
First, to help identify it as a phishing email, check to see if the signed-by field was generated by a DomainKeys Identified Mail (DKIM) or a service. DKIM is a good first step in email authentication and is a technical solution to prove that an email is not fake.
For example, if you received an email from [email protected], you would see a DKIM in the signature that looks like this: technology-com.20150623.gappssmtp.com. This is how all emails through a domain are processed.
Emails shared through a service (e.g., Drive, Calendar, Dropbox, Box, etc.) do not have a DKIM. Instead, you would see the signature of the provided service (i.e., signed-by dropbox.com).
If you receive a file, and it is not signed by google.com, gmail.com, dropbox.com, it is likely phishing – delete it immediately. It’s important to remain vigilant and proceed with caution in these circumstances. Be careful!
Phishing scammers are impersonating file sync and share platforms and sharing fake documents or folders in an attempt to infect your computer.
VMware Global Incident Response Threat Report Declares Surge in Sophisticated Cyberattacks
October 2020, VMware released its sixth Global Incident Response Threat Report – “The Cybersecurity Tipping Point: Election, COVID-19 Create Perfect Storm for Increasingly Sophisticated Cyberattacks.”
It was discovered that the rapid shift to the remote work environment combined with the accelerated power of the dark web had fueled the expansions of the eCrime groups.
The report revealed that the global pandemic’s cybersecurity challenges are now colliding with the 2020 U.S. elections resulting in a surge in cyberattacks. This report is based on an online survey of eighty-three incident response and cybersecurity professionals worldwide in September 2020.
The key findings of the VMware Global Incident Response Threat Report survey are:
- Incidents of the counter (incident response) IR are at an all-time high, occurring in 82% of IR engagements – suggesting the prevalence of increasingly sophisticated, often nation-state attackers, who have the resources and cyber-savvy to colonize victims’ networks. Destructive attacks, which are often the final stage of counter IR, have also surged, with respondents estimating victims’ experience 54% of the time.
- 55% of cyberattacks target the victim’s digital infrastructure for the purpose of island hopping. The pandemic has left organizations increasingly vulnerable to such attacks as their employees to shift to remote work – and less secure home networks and devices.
- Custom malware is now being used in 50% of the attacks reported by respondents. This demonstrates the dark web-scale, where such malware and malware services can be purchased to empower traditional criminals, spies and terrorists, many of whom do not have the sophisticated resources to execute these attacks.
- As we approach the presidential election, cybersecurity remains a top concern, and nation-state attackers pose a significant threat. Drawing upon their security expertise – and in line with recent advisories from Cybersecurity & Infrastructure Security Agency (CISA), 1 – 73% of respondents believe there will be a foreign influence on the 2020 U.S. presidential election, and 60% believe a cyberattack will influence it.
- The disruption caused by Covid-19 in the form of a rapid shift to the remote work environment has resulted in presenting a massive opportunity for these eCrime groups to restructure their ‘for profit’ business models. Besides, the power and scale of the dark web have accelerated the expansion of these e-Crime groups.
If you have questions or concerns about your business’s security, email us at [email protected] to address your distress.
Download the PDF to read the full newsletter