With the lines very much blurred between home and work environments as well as the general distractions of everything that’s happening right now (home schooling, anxiety about the future, lockdown fatigue), employees are even more vulnerable to cyber-attack, specifically phishing. Phishing is the method of convincing a person to hand over their personal or sensitive data voluntarily, often in the form of mimicking someone trusted. If your employees fall prey to phishing scams while working from home, it can affect your company network by transferring malware and viruses over internet connections.
One phishing email has the power to cause downtime for your entire business and unfortunately the scams are getting more sophisticated every day, making them harder to detect.
5 most common types of phishing
You may already be familiar with some of these kinds of phishing tactics, and may have even fallen victim yourself, but with one successful phishing email being able to cause downtime for your entire business it’s important to remain aware.
Attackers pass themselves off as someone the target knows well or an organisation that they’re familiar with to gain access to compromising information (e.g., credentials or financial information), which is used to exploit the victim.
Whaling is a form of spear phishing with a focus on a high-value target, typically a senior employee within an organisation, to boost credibility. This approach also targets other high-level employees within an organisation as the potential victims and includes an attempt to gain access to company platforms or financial information.
Mass phishing campaigns cast a wider net. Emails are sent to the masses from a knock-off corporate entity insisting a password needs to be updated or credit card information is outdated.
Ambulance Chasing Phishing
Attackers use a current crisis to drive urgency for victims to take action that will lead to compromising data or information. For example, targets may receive a fraudulent email encouraging them to donate to relief funds for recent natural disasters or the COVID-19 global pandemic.
Pretexting involves an attacker doing something via a non-email channel (e.g., voicemail) to set an expectation that they’ll be sending something seemingly legitimate in the near future only to send an email that contains malicious links.
What to do if you think you’ve received a phishing email
First, to help identify it as a phishing email, check to see if the signed-by field was generated by a DomainKeys Identified Mail (DKIM) or a service. DKIM is a good first step in email authentication and is a technical solution to prove that an email is not fake. For example, if you received an email from firstname.lastname@example.org, you would see a DKIM in the signature that looks like this: technology-com.20150623.gappssmtp.com. This is how all emails through a domain are processed.
Emails shared through a service (e.g., Drive, Calendar, Dropbox, Box, etc.) do not have a DKIM. Instead, you would see the signature of the provided service (i.e., signed-by dropbox.com). If you receive a file, and it is not signed by google.com, gmail.com, dropbox.com, it is likely phishing – delete it immediately. It’s important to remain vigilant and proceed with caution in these circumstances.
Prevention and Resolution
With 54% of ransomware attacks being initiated via a phishing email, it’s important you have solutions in place for both prevention and resolution. Sophos Email Scanning includes ‘Impersonation Protection’, a feature aimed specifically at helping to protect your inbox from the more sophisticated phishing emails. However, no security solution can stop everything getting through and even the most security aware individuals can still be fooled when caught at the wrong time. That’s why, for the worst-case scenario, a backup solution is necessary. Datto’s SaaS Protection provides a range of business continuity features that allow you to easily recover Office 365 and G Suite Data.
Bristol IT are Gold Partners with both Datto and Sophos and have extensive experience implementing their solutions to our clients. If you’d like to find out more please get in touch.