Phishing Attacks – The Dark Side of Email – Day 5 of Cybersecurity Awareness Month 2021
So Craig, phishing attacks are everywhere, and there’s a lot of confusion about them. Can you tell us what a phishing attack is?
Absolutely, yeah. Phishing is one of the primary methods by which hackers breach our companies, that and poor password hygiene, which we covered earlier in another interview. Phishing attacks are probably the number one and favorite method of attack in small businesses, because so many of the employees are not trained on how to spot and avoid them. They’re so dangerous because they can steal your credentials, the usernames and passwords of your employees. They can push down malicious software as an attachment that is allegedly the shipping instructions to get the free parcel or the gift that you want from Amazon that you weren’t expecting, and you just have to fill out this form. Well, it installs malware, so it can lead to a compromise of your computer or your company’s network, and downtime and embarrassment for your company. So for these reasons, phishing attacks are really dangerous and deadly for small to medium sized businesses and MSPs.
Okay, is there a good way to spot them?
Absolutely. And I think we prepared a special graphic for this to explain it. So there are seven questions you should ask yourself before you click on anything you get in your email, if you have that sense that something’s wrong in this email. And if you answer yes to two of these questions, you’re being phished; delete it. And the worst that can happen is you have to ask someone to email you again, which is a small price to pay versus the consequences of being phished. So the first question is: is this email in my inbox totally unexpected?
Hackers don’t tell you ahead of time, nor do you know, that they’re gonna phish you. And so every phishing attack typically shows up out of the blue as an unexpected email. Also, it’s usually paired with some kind of urgency. Hackers know that if you make a split decision, you’re more likely to click on a link or provide credentials or install something that they’ve sent to you.
So they create a sense of urgency: your account is locked up, someone bought something in your Amazon account, click here to find out what. And so by making you make a split decision, you make the wrong one. The third thing they do is they address it generically, because they don’t necessarily know your name, Mike, so it’ll say dear customer, valued customer, dear sir, dear ma’am. And that’s a dead giveaway that it’s a phishing attack. The fourth thing is who sent it to you.
Today I received not one but two emails, one from Netflix allegedly and the other from PayPal; neither was sent by either company, they were phishing attacks. And the way I easily, quickly determined that is I knew it was unexpected, and it was urgent, but I looked at who sent it to me. And it was some gobbledygook sender address that had amazon.com somewhere embedded in it, but with all kinds of letters before and after. That’s them trying to hide the real sender’s name and make you think it’s Amazon.
So pay attention to who sent it. And if it’s not an amazon.com address sending you an Amazon notification, delete it. That’s the fourth thing. The fifth is grammar, spelling, and punctuation. Many hackers aren’t English speakers as their first language, and they make mistakes. So if there’s poor punctuation, or spelling, or grammar, that’s a giveaway that it could be a phishing email. Now, that doesn’t mean that a perfectly worded, grammatically correct email is not a phishing attack.
There are many that are, but when it is present, you can be sure: Amazon has very good spell checkers, they’re not going to make many mistakes in that space. The sixth thing is, does it have links to strange places? If Amazon is sending you a link to the parcel, the package or the item you bought, it will say amazon.com in the link if you hover over it without clicking; if it goes anywhere else, you’re being phished. Finally, if there’s a salacious or enticing attachment like salaries.exe, or “your parcel can’t be delivered unless you download and install this file to give us the address to deliver the parcel,” that’s an indicator that you’re being phished.
So ask yourself these seven questions: was it unexpected or urgent, addressed generically, from the wrong sender, with grammar, spelling or punctuation mistakes, having strange or obfuscated links to other foreign websites that don’t belong, or containing some weird attachment? If you say yes to any two of those, you’re being phished; delete the message. That’s the way to spot and avoid phishing attacks.
Well, how do we get started?
So most SMBs and MSPs have some kind of awareness training program, or should have one, and that’s where you would cover phishing and these seven questions: in an awareness training program that teaches your employees on a regular basis about all sorts of cybersecurity topics, from password hygiene to password managers to 2FA, and most importantly here, phishing attacks. You have to go over this every single year with your employees, because it’s like going to the gym, Mike: if you stop going to the gym, you fall out of shape.
If you stop training your employees on how to spot and avoid phishing attacks, guess what they do? They click. So make sure you have an ironclad, robust cybersecurity awareness training program in place.