In this weeks report, we reveal all on the rumoured iOS 14 security update from Apple, how Marriott hotels have been hacked, again, and...
What is Phishing?
Phishing is an increasingly common form of cyber attack that uses deceptive emails as its weapon of choice.
The purpose of these emails is to mislead and trick the recipient into believing that the message is something they need to take action on – a request from their bank, for instance, or an email from their colleagues or manager, asking them to click on a link or download an attachment.Phishing-Faded
Phishing is popular amongst hackers, quite simply because it works, and that’s down to the ever-changing techniques and convincing emails that nurture and build trust with a recipient.
By coming from what appears to be a real person or a trusted entity, the recipient is more likely to click or download an attachment – and that’s when the clever but nasty stuff happens.
Whilst very common, Phishing isn’t new, in fact, it’s one of the oldest forms of cybercrime – with the first ever lawsuit for Phishing being filed back in 2004, highlighting how hard it can be to deter due to the ever-changing techniques and type of attacks.
Types of Phishing
Spear Phishing is when a hacker creates a bespoke email targeting a specific individual – like a fisherman aiming for one specific fish, as to just casting a hook with bait on and see who bites.
Hackers do their research, identifying targets on social media, most commonly LinkedIn so they can impersonate their co-workers. As an example, a Spear Phisher might impersonate a manager and target the finance department requesting the payment or bank transfer.
Clone phishing is a type of phishing attack whereby a legitimate, and previously delivered, email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email.
The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender. It may claim to be a resend of the original or an updated version to the original.
Whale Phishing, or Whaling, is like Spear Phishing, instead, they target the very big fish – CEOs, Directors and other high-value targets.
Company board members are thought to be an extremely high-risk target, due to the fact they have a great deal of authority within a company, but since they aren’t full-time employees, they often use personal email addresses for business-related communication, which usually, doesn’t have the security factors and added protection offered by a business email.
Voice phishing, or more commonly known as Vishing, is where a hacker calls you impersonating a trusted source, someone you trust, such as the authorities or your bank, urging you to take urgent action. Once they have your attention, they scare you with some sort of problem and insist you rectify this by stating your personal and financial details to confirm your identity or ask you to pay a fine to life some form of ban or block.
Similar to Vishing, similar tactics are also used via SMS, commonly known as smishing, impersonating your favourite services and request you click a link to enter your login credentials and or pay to resolve the issue.
How to Protect Your Business from Phishing?
Let me introduce you to the Advantex ACT (Advanced Cybersecurity Technologies) suite, utilising the industries most intelligent and powerful solutions from the cloud, we can help educate, protect and restore your business from phishing and any other vulnerabilities online – giving you maximum protection and ultimately empowering you and your workforce into making better and safer day-to-day decisions online.
Advantex Educate eliminates your organisation’s human cyber risk and transforms user behaviour into just one simple and easy-to-use solution, all managed in-house here at Advantex.
Utilising the industries most intelligent and powerful solutions from the cloud, Advantex Protect gives your business and its users the ultimate protection and peace of mind from online threats, no matter where they are across the globe.
Knowing your data and digital assets are in safe hands allows you to focus on what’s most important, your business. With Advantex Restore, you can benefit from safe, secure, and scalable offsite services – including storage, backup and recovery for any data or system, anytime, anywhere.