Don’t Take the Bait – Tips for Protecting Yourself Against Phishers

March 11, 2015   //   Security, , , , , ,

Over the past few years, attackers have gotten lazy. Instead of constantly trying to find new vulnerabilities by fuzzing away at applications, they have decided that it’s much easier to use social engineering to attack your weakest link, your users. Users in general are happy to help out when an email comes in asking them to click a link, open an attachment, or even send over financial details for wiring money. With more and more being piled onto employees’ plates today, they rarely question what is being asked of them which leads to a serious weakness in IT security. Attackers know this and have decided to exploit this weakness. Read my blog to learn more.

Enter the Email Phishermen, aka attackers who send malicious emails. There are two types of email phishing: general mass mail phishing where a large non-customized net is cast into the vast ocean of users with hopes of tricking a user to click a link, open an attachment or perform an action. Then there is a much more dangerous form of phishing called Spear Phishing. Spear phishing involves collecting and using detailed information about a victim using open source intelligence (OSINT) in order to further the chances that the victim carries out the requested action in the email. This intelligence information comes from benign places such as LinkedIn, Facebook, Twitter and even your company’s own website. Anything that you post online can be used in the attack. Once enough information is collected, the attackers craft an email with this customized information and send it to his or her victim. The emails typically contain a malicious link, attachment or request to turn over information or wire money. The body of these emails is written with information that the victim relates to and is thus tricked into trusting that the email is legitimate.

Here is an example of a spear phishing email:
phish-email

You’ll see in the email above that everything seems legitimate until we look closer at the details. The first thing that stands out is the signature block, the salutation “Kindly” is almost never used in the United States, but is commonly used by foreign attackers. We also see that the full name is used in the opener and in the message body there is an urgency for you to open the pictures. All things that are not normally included in casual conversation emails in the U.S. Finally, we notice the file that is attached that lists its extension as .JPG which is correct for an image file but upon further inspection, you will see that Windows is actually telling us this is a Screen Saver file. This is an indication that the malicious file is being masqueraded as a JPG file. Together these are all signs pointing to a malicious phishing email.

Identifying phishing emails has become even more difficult as attackers improve their techniques. These same types of phishing attacks led to the recent compromise of companies such as Target, Home Depot, Anthem Blue Cross, Sony and many others.

SWC offers a full Security Awareness Training Program that teaches your users how to spot malicious phishing emails and files. Our courses will walk your users through common techniques used, how to spot these attacks, what to do if you receive a phishing email as well as general end user security best practices. SWC also offers a phishing service where we take on the role of an attacker and send phishing emails to your users. This service allows you to determine if a weakness exists with your users and to what extent the weakness exists. This service provides a real world experience that tests your user’s security in a non-malicious way before the attackers do.

security-awareness-training

SWC has had several clients who’ve been victims of phishing attacks and fake tech support calls resulting in Cryptolocked systems, infected systems and even intellectual property theft. After completing our Security Awareness Training Program, these companies were able to dramatically reduce their risk of falling victim to these types of scams and meet compliance requirements.

Want to learn more? Join us for lunch!

For more information on advanced malware protection and security best practices, contact SWC or join us for our next complimentary Chicagoland Security Event. At this event, our IT security expert Tommy Montgomery, CISSP, ISSMP, CISM, GCFW and Certified Ethical Hacker will teach you more about the products, tools and tactics necessary to keep your organization secure and stay ahead of the bad guys.

SWC Chicago IT Events

Recommended Security Blog Posts

Want to learn more about cyber security? Check out some of our past posts.

Malware Protection | How to Prevent Another Sony Hack
How Can You Protect Your Organization From An IT Security Breach?
What Industries Are Facing the Most Security Issues?
What Are Some Mobile Security Risks?
Security Awareness: Tips for Protecting Your Online Identity from Hackers
Heartbleed Is Much Worse Than We Thought
From a Security Perspective, What is the Worst Case Scenario?
SWC Discusses Target Security Breach On Telemundo News Broadcast
The Fundamentals of Cyber Security