Phishing Attacks Uncovered

UNDERSTANDING THE PROPOSED CHANGES TO THE SAFEGUARDS RULE AND WHO IT EFFECTS
 
Portage, Michigan | September 21, 2020

With a 600% uptick in phishing attempts last quarter, there’s no more running from them. Understanding why they happen, what to look out for, and how to protect yourself is more important now than just hoping it doesn’t happen to you.

And be sure to tune in to our podcast episode (You can find the audio player below) ‘Don’t Take the Bait: Phishing Attacks Uncovered’, which dives deeper in how to prevent and protect yourself from phishing attempts. Give it a listen!



Wi-Fi

Amazon & FedEx

A report from Vade Secure shows that Amazon is in the top 25 most impersonated brands in phishing attacks, coming in at spot number ten. You’ve probably received an Amazon phishing email whether you know it or not. Aside from emails, Amazon and FedEx phishing attempts are also common in the form of text messages, so be wary of any links you receive in emails, texts, and so forth.

(Always remember to inspect links for anything suspicious before clicking them! If the link is supposed to take you to an Amazon login page, does the link say Amazon? Is it spelled correctly? Make sure there’s not any out of the ordinary words in the link like scam, hack, phish, etc.)

Recently, scammers have been sending false delivery notifications and updates to users with a tracking number and the link to track your package in the text. With so many people ordering online, there’s a good chance that the hackers will have sent the text to someone who did order a package from Amazon or FedEx. And without thinking they will click the link in the fake tracking text where the user will then enter their login credentials on the fake login page, ultimately handing over their username and password to the scammers.


Update your antivirus

DropBox & OneDrive

Another common theme we’ve seen lately with phishing emails are through the impersonation of DropbBox and OneDrive. Both DropBox and OneDrive are used heavily by small to medium sized businesses, so it makes sense for hackers to target these sized organizations that use a software they are familiar with.

Familiarity increases trust and therefore increases the likelihood of a successful attack.

Both DropBox and OneDrive are used to share sensitive information such as contracts, financial records, and legal documents. It’s no wonder they are commonly used for phishing. At first glance, the email looks just like your typical notification from DropBox when you receive a file from someone. After clicking on the link to view the file, users are taken to a page that also looks spot on to that of DropBox branding. Users are then prompted to download the file to view it. However, the download button goes to another page which doesn’t look legitimate, instead it is a Google Form claiming to be OneDrive asking users to sign into their OneDrive account.  At this point, using a little common sense you can very easily tell this is not an actual OneDrive login. The Google Form asks for an email and password, which contains a disclaimer underneath the submit button from Google telling you to never submit passwords through Google Forms.

Unfortunately, some people will continue without hesitation and enter their information. And while those who continued on gave up their username and password, they also downloaded the PDF containing a virus. A double success for the bad guys.


Encryption and Other Security Software Tools

Michigan State University

This example hits closer to home, as our MSP is located in Michigan, not too far from Michigan State University (MSU). Whom earlier this year was victim to a ransomware attack. The hacker stole files containing sensitive information regarding student records and financial documents. If they did not receive payment from MSU in a timely matter, they threatened to release the documents.

How did MSU know this was a real threat?

A screenshot of a Microsoft Windows file directory that pictured folders that belonged to individual users on MSU’s network. The screenshot came from a post on a blog associated with NetWalker, a form of ransomware, the post also included a timeframe of one week for the ransom to be paid or else the files would be released to the public.

So, how did they get access to those files?

The attackers behind this example are known to use phishing as a way to enter the network. From there they often use the compromised email accounts to send more deceptive emails to other internal staff members until they get what they need. In the case of Michigan State University, it was a directory structure, student records that contained an image of a student’s passport, and MSU financial documents from 2015.


all of your files should be backed up regularly

Where An MSP Comes In

There’s a lot you can do to protect yourself from becoming the next victim of a phishing attack. For starters, don’t take action right away. Pause. Look over the email. Is the email address actually from the correct sender? Are you expecting this email? How does the branding look, is it spot-on to the actual company logo, colors, tone, and so forth? Hover over the link before you click it to make sure it’s going to take you to the accurate destination.

Give yourself and your staff some phishing awareness and cybersecurity training. Not just once, but continually. When you partner with an MSP, like Omega Computer Services, part of our security package includes KnowBe4, which is a phishing awareness and security training software. Depending on your preference, simulated phishing emails will be sent out to your staff monthly, bi-monthly, quarterly, to continually test users on whether they will click the link in the phishing emails or not. Those who fail by clicking the link are given more training on how to detect a phishing email.

Remember all it takes is one person in your organization to click a bad link one time for your sensitive information and data to be compromised. Don’t let that happen to you, when you could easily prevent it with some training and practice.  


Woman checking tablet

Final Thoughts

As said any and everywhere you read about phishing, it’s not going away anytime soon and will only continue to happen more often. Not only that, but they will become harder to detect as attackers get smarter and craft their emails better.

That’s why it’s important now to learn how to detect a phishing email, so your data will stay safe and you won’t be the next big headline when it comes to victims of a successful cyberattack.

Don’t forget to check out our podcast episode below for more information on phishing and how to protect and prevent yourself from clicking on any harmful links.


 
The Omega Blog. Technology Blog. Insurance Blog. Cybersecurity Blog. Financial Blog.

Insurance security guide. Insurance agents. Insurance solutions. Insurance industry. Cybersecurity. MSP. SMB.

The Geek Freaks Podcast. Technology Podcast. Insurance Podcast. SMB Podcast. MSP Podcast.

SecuritySquare Studio Dev