Phishing Schemes And The Primary Way To Combat Them

Phishing Schemes And The Primary Way To Combat Them

Phishing Attacks

As we approach the end of the year, it’s a great time to reflect on what technology challenges were faced in 2018 and which ones we will likely see in 2019. Clearly the number one topic on everyone’s mind is security. Every industry and every business have sensitive data being stored somewhere in their network. At the end of the day there is no way to guarantee your business will not be targeted or compromised at some point in the future. Understanding the challenges, risks, and the best practices used to mitigate those will be even more crucial going into the new year.

In 2018, phishing attacks conducted through email were an increasingly common method used by cyber criminals. Google recently reported a finding of 10,037 different phishing kits and about 3.8 million credentials that belonged to victims of the kits. The top phishing kits impersonate many brands including file storage services (Dropbox, Office 365), webmail providers (Gmail, Workspace Webmail, AOL), and business services (DocuSign, ZoomInfo). The basic concept is to create an email that looks legitimate and trick the end user into either entering credentials (ex: banking websites/email portals) which are then forwarded to the phisher or getting the end user to take an action that results in the criminal benefiting financially (ex: fake wire transfer requests). Another way to steal credentials and other data is to send an email with exploit kit or malware attachments. The malware may include a keylogger or other type of malicious software that tracks every keystroke of the user, sending this data to the phisher. Once compromised, hijackers will often search the email history of accounts for financial data and use the accounts for spamming/phishing their contacts. They also searched inboxes for financial records and credentials related to thirdparty services or vendors.

Multifactor Authentication for example is a great way to combat those kinds of attacks. Unless the user has both methods of authentication compromised, the attacker cannot gain access to that users’ information or data, even if the primary set of credentials is compromised. We recommend it as a default best practice for both personal and business accounts. Tools, education, and good processes can go a long way in protecting your company’s critical data. Connecting Point believes in helping our clients understand the IT security landscape, how it applies to their business, and how to navigate through it.

Jesse Rosales

Connecting Point
Director of Managed Services