Phishing attempts seem to be increasing while also becoming more sophisticated. We have seen several phishing techniques being used more often. Here are some of the common phishing techniques we are seeing currently.
Fake Microsoft Login Sites
Attackers have been sending messages that appear to come from Microsoft. Usually the email will state something about a password issue, or unsent messages, or upcoming deactivation. Regardless of how the situation is framed, the “fix” is always the same: you’re asked to login to your Microsoft account, and provided a link to do so. If you follow the link, they often look quite similar to the Microsoft Online login page. However, a quick glance at the URL will tell you otherwise. It will often be gibberish, or a foreign domain. These phishing attempts are designed to get your email password.
Spoofed Email Addresses
We’ve seen many more phishing emails that appear to come from within an organization lately. For an attacker, it is easy to “spoof” their email address – that is, for it to look like the email is coming from somewhere other than where it actually is. They will typically then target upper management or finance/accounting, i.e. those who have access to company funds. It can be harder to spot these emails, but there are usually a few tell-tale signs:
- Typos, grammar issues, broken English. Phishing attackers usually are foreign, and carefully reading emails they send will typically reveal this.
- No signature or an atypical sign off. Not everyone uses a signature, but if you receive an email from a contact that usually has a signature, but is missing it, it would be prudent to treat the email with suspicion until a determination on its legitimacy can be made. Similarly, most people close emails in a similar way each time – if you receive an email that appears to be from someone but doesn’t “sound” like them, it may not be them.
- Unusual requests. It’s very common for attackers, when trying to get money from a company, to request large purchases of gift cards, such as the Visa gift cards. Another common tactic is to ask for a large transfer of funds, but follow up the request with a statement to only ask questions by email, not call on the phone. This is the opposite of what you should do – if you receive an email requesting money, CALL the person requesting to verify it is really them!
While the above two techniques are by far the most common we are seeing these days, there are still attackers who try to get people to install viruses. Because spam filters have improved to detect malicious attachments, a common method is to send a Dropbox link, or a PDF with a malicious link inside of it. Basically, the attacker hides the virus link under a few layers, so that it can get through a spam filter. If you receive an attachment or a link from a sender you don’t recognize or weren’t expecting to hear from, treat it with suspicion and ask your IT provider to take a look.
At Layered Systems, we take email security very seriously. We implement industry-leading spam filter and email security technology to help safeguard our clients against the threats of today’s connected world. Our highly-trained technicians are able to easily identify phishing attempts, and help educate clients on how to detect phishing emails. Contact Us today to find out how Layered Systems can help protect your business.