Anti-malware software has become more sophisticated, and as a result cybercriminals are resorting to new tricks, hoping to enlist the help of users on your network to launch their malware. Two of the most common are “spoofing” and “phishing”.
A “spoofed” email is one that seems to come from an address you might recognize, but it may carry attachments that, when opened, launch harmful malware within your system. The most notorious example is Cryptolocker, which is often sent as a PDF attachment to an email that seems to be from a “shipping company”. The recipient sees it, thinks they’re checking on a package, and by opening the attachment (or clicking a link) launches the ransomware.
“Phishing” is similar in that the “from” address shown is usually fake. Instead of enticing the recipient to open attachments, the email lures the reader into clicking links to “verify” their identity and provide personal information. However, the websites are not what they claim to be; the links lead to shell URLs owned and operated by cybercriminals. These “phishing” attempts can be very clever, dressed up as emails from banks, the government or even healthcare companies.
CCS Tips to Avoid Being a Victim of Phishing and Email Spoofing
If your company network has up-to-date antivirus and antimalware protection, many of the spoofing and phishing attempts will not even reach your Inbox, or if they do, they typically come with a warning. Cybercriminals never stop innovating, so it’s important that the company’s defenses against cyber threats are consistently updated.
Having an active data backup system in place is vital, just in case malware gets through the edge defenses. Make sure that system images are backed up as well as data. If a PC gets infected, it may be possible to reimage the PC from a backup saved just prior to the infection. This will keep your company downtime to a minimum and your productivity at its peak.
The reason spoofing and phishing scams work is that people get a lot of email on a day-to-day basis and are often in a hurry to read it. However, it is possible to learn to spot these scams. If an email seems “wrong” in any way – the body of the message doesn’t match your expectations of the sender, or you get a completely unexpected message with an attachment – hesitate. If you think you know the sender, take a moment to call them and ask whether they sent it.
Phishing is actually easier to spot if you know these three things:
1) No bank or legitimate enterprise is going to ask you to verify sensitive information (social security number, credit card info, passwords) from an emailed link.
2) When viewing a link in an email, if you hover your cursor over the link, you will see the actual destination address at the bottom of your screen. If the email says it’s from Bank of America but the link goes to another address, don’t trust it.
3) Pay attention to the destination’s root domain (the letters just to the left of the last dot, together with what follows it) – this is the part an attacker can’t fake, while anything further to the left (the subdomains) can be chosen freely. For example, http://login.amazon.com would be OK (if you’re expecting to get to Amazon), but http://amazon.bizsites.com is suspicious.
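The root-domain check in point 3 can be made mechanical. The following is an added example, not code from CCS or the original post; it assumes a one-label public suffix such as .com, and the sample links and the claimed sender domains are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample: the organization each message claims to come from,
# paired with the real link target you would see when hovering over the link.
SAMPLE_LINKS = [
    ("amazon.com", "http://login.amazon.com/signin"),
    ("amazon.com", "http://amazon.bizsites.com/verify"),
    ("bankofamerica.com", "https://www.bankofamerica.com/"),
    ("bankofamerica.com", "https://bankofamerica.com.secure-login.example/"),
]


def registrable_domain(url):
    """Return the root domain of a URL, e.g. 'amazon.com' for 'login.amazon.com'.

    Simplifying assumption: the public suffix is a single label (.com, .net, ...).
    Hosts under suffixes such as .co.uk would need a public-suffix list instead.
    """
    # hostname already drops any scheme, user@ prefix, :port and path,
    # so only the part that actually selects the destination server remains.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    if len(labels) < 2:
        return host
    return ".".join(labels[-2:])


def link_matches_sender(expected_domain, url):
    """True when the link's root domain is exactly the claimed sender's domain."""
    return registrable_domain(url) == expected_domain.lower()


def classify_links(links):
    """Return (url, verdict) pairs: 'ok' if the root domain matches, else 'suspicious'."""
    return [
        (url, "ok" if link_matches_sender(expected, url) else "suspicious")
        for expected, url in links
    ]


if __name__ == "__main__":
    for url, verdict in classify_links(SAMPLE_LINKS):
        print(f"{verdict:10} {url}")
```

Note that a look-alike such as amazon.bizsites.com resolves to the root domain bizsites.com, which is why the subdomain label carrying the brand name proves nothing.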
The last line of defense is you – the email recipient. Learn to be alert to messages that are suspicious because of their wording, what they’re asking for or what they’ve sent you. Avoid having personal messages sent to your business email. And take your time to look at a message carefully before opening attachments or clicking links. If anything seems wrong in any way, bring it to the attention of your IT department.
Here’s a link to a fun Phishing Quiz from a company called OpenDNS – can you pass?