Deceptive messages are a common vector for digital scams.
Typical goals include theft of information and privileges, installation of unwanted or malicious applications, and infection of multiple devices connected to a corporate network. Often, however, the user cannot tell that a message is part of a malicious campaign, because attackers craft messages that look trustworthy.
Phishing is the main social engineering technique. With some basic information about the recipient, an attacker can persuade them to act carelessly, infecting devices and putting information at risk.
Companies are a particular focus of this type of threat. While email server protection technologies are crucial, it is equally important that employees can recognise the different types of phishing and act with caution.
Note that phishing is usually associated with email; however, there are variations that use text messages or voice calls on phones. There are several types of phishing attacks:
Phishing
The simplest form of phishing scam is any message designed to look legitimate to the user in order to gain their trust. This can be achieved by knowing some personal data or by replicating the email layout of a company the user trusts. Once convinced, the user may be prompted to click on suspicious links or download malicious payloads.
Note the following factors to identify phishing scams:
- Messages seem urgent and demand immediate action from the user;
- Offers that seem too advantageous to the user;
- Spelling mistakes may be evidence of a phishing campaign;
- Links whose real destination does not match the address shown in the message are suspicious.
Because phishing campaigns use links and files to spread malicious payloads, it is important to always be alert to these resources. For example, a link or a file can hide a ransomware payload that, once on the user's device, blocks access to the system. As for Web resources, it is important to be especially wary of emails that appear to come from cloud services (Dropbox, Google Docs, etc.), because these are often abused by attackers.
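The indicators listed above (urgency wording, links whose visible text does not match the real destination, and raw IP addresses used as link targets) can be checked mechanically on an HTML email body. The script below is an added example, not code from the original article or from Blockbit; the sample email, brand names and domains it contains are constructed for illustration, and the `base_domain` helper deliberately ignores the public suffix list to keep the example short.

```python
"""Heuristic checks for phishing indicators in an HTML email body (added example)."""
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Wording that pressures the recipient into acting without thinking.
URGENCY_TERMS = ("immediately", "urgent", "within 24 hours", "will be suspended")

# Visible link text that looks like a URL or a bare domain, e.g. "bank.example/login".
DOMAIN_LIKE = re.compile(r"^(?:https?://)?[a-z0-9.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)

# Constructed sample: a lookalike domain, a raw-IP link and one legitimate link.
SAMPLE_EMAIL = """
<p>Dear customer, your account will be suspended unless you verify it immediately.</p>
<p><a href="http://login.examp1e-bank.net/verify">https://www.example-bank.com/login</a></p>
<p><a href="http://203.0.113.5/update">Update your details</a></p>
<p><a href="https://www.example-bank.com/help">example-bank.com/help</a></p>
"""


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def base_domain(host):
    # Simplification: last two labels only; "example.co.uk" would become "co.uk".
    return ".".join(host.lower().split(".")[-2:])


def host_of(text):
    """Hostname of a URL, or of bare text such as 'bank.example/path'."""
    return urlparse(text if "://" in text else "http://" + text).hostname


def link_findings(href, shown_text):
    """Findings for one link: raw-IP destination and text/destination mismatch."""
    findings = []
    host = host_of(href)
    if not host:
        return findings
    try:
        ipaddress.ip_address(host)
        findings.append(f"destination is a raw IP address: {href}")
    except ValueError:
        pass  # a normal hostname
    if DOMAIN_LIKE.match(shown_text):
        shown_host = host_of(shown_text)
        if shown_host and base_domain(shown_host) != base_domain(host):
            findings.append(f"text shows {shown_host} but link goes to {host}")
    return findings


def analyze_email(html):
    """Return urgency hits and per-link findings for one HTML body."""
    extractor = _LinkExtractor()
    extractor.feed(html)
    plain = re.sub(r"<[^>]+>", " ", html).lower()
    urgency = [t for t in URGENCY_TERMS if t in plain]
    findings = []
    for href, text in extractor.links:
        findings.extend(link_findings(href, text))
    return {"urgency_terms": urgency, "link_findings": findings, "links": extractor.links}


if __name__ == "__main__":
    report = analyze_email(SAMPLE_EMAIL)
    print("urgency terms:", report["urgency_terms"])
    for finding in report["link_findings"]:
        print("-", finding)
```

Run against the sample, the script reports two urgency terms and two suspicious links (the lookalike `examp1e-bank.net` hidden behind the bank's real address, and the raw-IP destination), while the genuine help link passes. In a mail gateway these findings would feed a score or a quarantine rule rather than block on their own, since legitimate newsletters also use urgency wording and tracking redirectors.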
Spear Phishing
In this type of phishing, the attacker has more details about the victim. The more information is used in the social engineering process, the more likely the victim is to believe the message and fall for the scam.
Most spear phishing messages appear to come from trusted senders, such as a company the user usually buys from or a friend. This technique is used for information theft, malware infection, theft of financial data, etc.
Whaling / CEO Fraud
Whenever the focus of the phishing scheme is a mid-level executive with some influence within the company, it indicates that the attackers are beginning to seek privileges higher up the hierarchy. If they succeed in stealing information or privileges from a senior executive, the risk of information leakage is even greater.
For example, if the CEO asks for information, no employee would suspect anything. That is why this type of scam is such a great risk.
Pharming
Although email scams are common, attackers have developed new and different ways to trick users. Pharming consists of DNS cache poisoning. DNS is the system responsible for translating names into IP addresses and directing users to the correct servers. If an attacker corrupts this name resolution, the user may be taken to a malicious page even though they typed the correct address.
Vishing
Not every phishing scheme is carried out by email. Vishing, for example, is carried out by voice (VoIP). It is important to be alert to the context of voice calls, because VoIP servers allow the caller to change the number that identifies the call. On the other end of the line, a criminal may pose as a company representative asking the user to "confirm" personal information. Telecommunication companies and banks are frequently impersonated in these scams.
SMiShing
SMiShing uses text messages (SMS or instant messaging apps) to achieve its goal. This type of scam has a wide reach and is therefore rarely customised. Generally, the criminal uses a purchase offer or a prize as bait. Others may impersonate banks, promising better rates. In all cases, be alert to any request for personal information.
With more than 5,000 clients, Blockbit is one of the leading manufacturers of cybersecurity solutions, empowering businesses to protect themselves against a wide range of threats, vulnerabilities, and cyberattacks, whether internal or external, generic or specific.