The dark waters of Phishing

Written by:

Mario Felix

Specialties: Software design and development, database design and development, network infrastructure administration.
Phishing

What is phishing?

At some point in time, anyone who uses email, whether in a personal capacity or within their organisation, will have encountered a phishing email. According to Wikipedia, the first recorded use of the word "phishing" was in 1995.

Gone are the days when these email attacks consisted of crudely put-together attempts to peddle a pharmaceutical or some other "too-good-to-be-true" product to encourage clicking a link...

…much has changed since then. Attacks are more sophisticated and, in some cases, convincing to the untrained eye.

The significant increase in the workforce working from home during and post-COVID has resulted in a significant increase in phishing attacks, as the assumption is that employees working from home would be on less secure networks.

Let’s look at three phishing techniques that pose risks to firms. These attacks were even used to steal over $100 million from firms such as Facebook and Google.

Whaling

“A whaling attack is a method used by cybercriminals to masquerade as a senior player at an organization and directly target senior or other important individuals at an organization, with the aim of stealing money or sensitive information or gaining access to their computer systems for criminal purposes. Also known as CEO fraud, whaling is similar to phishing in that it uses methods such as email and website spoofing to trick a target into performing specific actions, such as revealing sensitive data or transferring money.” – source: https://www.kaspersky.com/

Spear Phishing 

A more sophisticated form of attack, accounting for approximately 65% of phishing attacks, is spear phishing. This involves significant research by the attackers, who target a company directly using information gathered from social media and other sources in the public sphere. Typically, targets would be CEOs, MDs, Financial Managers, and even Payroll Managers. A recent example would be a file shared from Microsoft 365 with a link that takes the user to a very convincing replica of the Microsoft login page, also known as a “spoofed” site, where the attackers harvest the login credentials to email accounts for later use.

Clone Phishing

Once the attackers have access to the credentials of an email account, they can launch the “coup de grâce” by cloning or copying an email within the compromised mailbox, for example, a payment collection or invoice email. They would then send this cloned email with changed banking details to all the contacts of the compromised mailbox. 

OK, so how do you avoid getting hooked and reeled in?

There are ways an organisation can protect itself and its staff from falling prey to phishing attacks.

Staff awareness training

Training all staff, including executives, is vitally important to reduce the attack vectors for phishing emails. This typically means providing examples of what to look for when an email raises suspicion or is out of character for the sender. For example, verify that the address in the “from” field is correct, or contact the sender directly through another channel to confirm that they sent the email.
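As an added illustration (not code from the original post), here is what that “check the from address” advice looks like when a mail gateway or helpdesk script does it: it parses the From and Reply-To headers, flags a sender domain that is a near-miss of the organisation’s own, a display name that borrows an executive’s name while the address is external (the CEO-fraud pattern), a Reply-To that diverts replies elsewhere, and payment-urgency wording in the subject. The organisation domain, executive names and the sample message are constructed placeholders.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real message): the display name impersonates an
# executive, the domain swaps 'l' for '1', and replies are diverted elsewhere.
SAMPLE_EMAIL = """\
From: "Jane Doe (CEO)" <jane.doe@examp1e-corp.com>
Reply-To: jane.doe.ceo@freemail.example
To: payroll@example-corp.com
Subject: Urgent: change of banking details for supplier payment

Please update the account before today's payment run.
"""

# Assumed configuration values; a real deployment would load these from policy.
OUR_DOMAIN = "example-corp.com"
EXECUTIVE_NAMES = {"jane doe"}
URGENCY_WORDS = ("urgent", "immediately", "today", "banking details")


def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike domains (e.g. l -> 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(raw_message):
    """Return a list of human-readable findings; an empty list means no red flags."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    _, reply = parseaddr(msg.get("Reply-To", ""))
    reply_domain = reply.rsplit("@", 1)[-1].lower() if reply else domain
    findings = []
    if domain != OUR_DOMAIN and edit_distance(domain, OUR_DOMAIN) <= 2:
        findings.append(f"lookalike sender domain: {domain}")
    if domain != OUR_DOMAIN and any(e in name.lower() for e in EXECUTIVE_NAMES):
        findings.append("display name uses an executive's name from an outside domain")
    if reply_domain != domain:
        findings.append(f"Reply-To domain differs from From domain: {reply_domain}")
    if any(w in msg.get("Subject", "").lower() for w in URGENCY_WORDS):
        findings.append("urgency or payment wording in subject")
    return findings


if __name__ == "__main__":
    for finding in check_sender(SAMPLE_EMAIL):
        print("FLAG:", finding)
```

Any single flag is a prompt to confirm with the sender out of band, not proof of fraud; the lookalike check in particular should be tuned against the organisation’s legitimate partner domains.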

Phishing Policies

If your organisation uses Microsoft 365 or Mimecast, there are very sophisticated anti-phishing capabilities built into these tools. Mimecast recently added its Targeted Threat Protection feature, which rewrites links in emails so that Mimecast can scan them and ensure they do not lead to fake domains or credential-harvesting login pages.

Finally, be aware that fear is a key social engineering tactic that these attackers rely on. It comes down to being vigilant and always ensuring staff awareness. Be Safe!

Book a session with us

Find out how to protect your clients' data, avoid losing confidential information, harness powerful marketing tools and increase customer retention
