What is phishing?
You may or may not have heard the term “phishing”, but you have almost certainly experienced at least an attempt at it. Phishing is the term for a cybercrime in which attackers send fraudulent emails, often posing as a legitimate business or a person you know. The intention is to get the recipient to disclose financial information, confidential security information or other sensitive information, or even to make payments directly to the attackers. A phishing email may also entice you to click on an apparently important or urgent link that downloads malicious software onto your computer. It might send you fraudulent payment details for a contact you already have, so that you send payments to the attacker’s account instead of your intended recipient. Phishing emails can even be sent from the real email account of someone you know, if attackers have obtained that person’s password and gained access to their mailbox, or have broken in and are quietly monitoring it.
Phishing attacks are on the rise; they are getting more and more sophisticated and increasingly hard to spot. These days most attempted phishing emails are sent straight to your junk folder by your email provider, and on a business email account it is likely that many of them never reach you at all, which might make you feel safe. However, modern phishing emails can look incredibly legitimate, even to your email filters, and are known to fool everyone from home users through to CEOs on an alarmingly regular basis. The consequences range from large financial losses to serious damage to your business’s reputation.
Phishing is something we will always need to be vigilant about. The security techniques that protect us are continually improving, but attackers are constantly working out new ways to get past our defences. The cost to the attackers can be very low, and unfortunately, so is their chance of getting caught. In contrast, the financial gains can be incredibly high, often with minimal effort on their part, so phishing will likely always remain an attractive avenue for them. Phishing kits can even be purchased on the dark web, allowing even a newcomer to launch a formidable and believable-looking attack.
How can you protect yourself?
All of this can seem a bit scary, but fortunately, there are things you can do to prevent yourself from falling target.
- Know what current phishing scams look like, and for businesses, educate your staff. They can seem incredibly legitimate, and the more aware you are, the less likely you are to be taken in. Tell-tale signs include discrepancies, spelling errors, and small changes in URLs or email addresses. Does the email use your correct name, or just a generic term or part of your email address?
- Do not click on links provided in emails. If you think it is a genuine request, type the company’s web address into the address bar yourself, so you are not sent to a clone site designed to steal your information. If you have been told to update credit card or account details, for example, log in to your account directly and update your details from there. Trust no one.
- If you are even slightly unsure, stop and do some research. Contact the person or business the email claims to be from and confirm whether it is a genuine request. Even if the email seems urgent, take the time you need to be sure: a sense of urgency is often used to make people act before thinking.
- Copy and paste the wording of the email into your search engine; you may immediately see a scam alert.
- Do not reuse passwords, and do not use simple, guessable passwords. If an attacker gains access to one of your accounts, chances are they will try the same login details on your other accounts. To manage the large number of unique passwords you may now have, consider a password management solution such as iCloud or 1Password.
- Do not give out sensitive information in response to an unsolicited request.
- Install all security updates promptly and keep your software up to date.
- Keep your computer, phone and files backed up, as your files can be corrupted or encrypted by an attack.
- If you are paying a significant amount of money to someone via online banking, consider doing a small test transaction first and confirming it has arrived in the recipient’s account before sending the main sum. If someone you regularly pay emails you to advise of a change in banking details, verify that change by speaking to them on the phone, using the phone number you have on file, not the one in the email.
- Use MFA (multi-factor authentication). Yes, it can be a bit annoying that every time you log into something you need to get a code sent to another device and type it into your computer, but trust us, those few extra seconds might save you a lot of pain.
- Anti-phishing software for business is a must these days. The right product can prevent attacks by blocking emails that were not detected by your email gateway. It can automatically alert your IT department when a threat is detected or an account is compromised, and it can even remove malicious emails that were sent from a compromised account.
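The first tip above, spotting small changes in a sender’s email address, is the one check a mail administrator can partly automate. The script below is an added example, not code from Mac Aid or from this article: it compares the domain in an email’s From header against a constructed list of domains you already correspond with and flags lookalikes (character swaps such as “rn” for “m”, a trusted name buried inside a longer domain, a near-miss spelling, or a display name that borrows a trusted brand while the address is elsewhere). The trusted domains and sample headers are invented for illustration.

```python
from email.utils import parseaddr

# Constructed list of character swaps that make one domain look like another.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def normalize(domain: str) -> str:
    """Fold visually similar characters so 'exarnple.com' compares equal to 'example.com'."""
    d = domain.lower()
    for lookalike, real in CONFUSABLES:
        d = d.replace(lookalike, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header: str, trusted_domains: set[str]) -> tuple[str, str]:
    """Classify a From: header against domains you already deal with.

    Returns (verdict, reason); verdict is 'trusted', 'lookalike' or 'unknown'.
    A 'lookalike' result means the address is close to, but not actually,
    one of your trusted domains, exactly the pattern to treat as suspicious.
    """
    display_name, address = parseaddr(from_header)
    if "@" not in address:
        return ("lookalike", "no usable address in From header")
    domain = address.rsplit("@", 1)[1].lower()
    trusted_sorted = sorted(t.lower() for t in trusted_domains)

    # Pass 1: exact match or a genuine subdomain (mail.example.com) is fine.
    for trusted in trusted_sorted:
        if domain == trusted or domain.endswith("." + trusted):
            return ("trusted", f"{domain} matches {trusted}")

    # Pass 2: anything that merely resembles a trusted domain is suspicious.
    for trusted in trusted_sorted:
        if normalize(domain) == normalize(trusted):
            return ("lookalike", f"{domain} uses character swaps to mimic {trusted}")
        if edit_distance(domain, trusted) <= 2:
            return ("lookalike", f"{domain} is within 2 edits of {trusted}")
        if trusted in domain:
            return ("lookalike", f"{domain} embeds {trusted} inside a different domain")
        brand = trusted.split(".")[0]
        if brand in display_name.lower():
            return ("lookalike", f"display name mentions {brand} but address is {domain}")
    return ("unknown", f"{domain} is not a known correspondent")


# Hypothetical trusted domains and constructed sample headers, not real mail.
TRUSTED = {"example.com", "yourbank.example"}
SAMPLE_HEADERS = [
    "Support <help@example.com>",
    "Alerts <alerts@mail.example.com>",
    "Accounts <billing@exarnple.com>",
    "Your Bank <security@yourbank.example.login-verify.net>",
    "YourBank Alerts <alerts@gmail.com>",
    "Newsletter <news@unrelated.org>",
]


def triage(headers, trusted=TRUSTED):
    """Return (header, verdict, reason) for each header so a mailbox can be reviewed in bulk."""
    return [(h, *check_sender(h, trusted)) for h in headers]


if __name__ == "__main__":
    for header, verdict, reason in triage(SAMPLE_HEADERS):
        print(f"{verdict:9} {header:55} {reason}")
```

The check is deliberately conservative: a subdomain of a trusted domain passes, but a trusted name that appears anywhere else in the address, or a display name that claims a trusted brand from an unrelated address, is reported so a human can apply the other tips before acting on the message.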
What should you do if you have been compromised?
Immediately disconnect your device from the internet, depending on how you are connected: unplug the ethernet cable, turn off the Wi-Fi, or turn off cellular data. Unplug any external hard drive that you might be backing up to. This can help to prevent:
- Spread of malware through your network.
- Malware sending information from your device.
- Attackers accessing your machine remotely.
If this is within a business setting, alert your IT department straight away. They may take over from that point or give you instructions to follow. Delaying this step could be costly.
If this is a home computer, the best option is to call us to discuss what happened so we can advise what steps to take next. If you are unable to get in touch with us at the time and are confident with the process, you may choose to do the following:
- Back up your files to a blank external drive. Do not use your regular backup device, as it could also become compromised. Begin with the most important files, and consider what is already backed up.
- Change usernames and passwords, beginning with the accounts that would cause the most damage if accessed. Do not do this from the compromised machine, as it may still be monitored.
- At this point, if you have not yet been in touch with us, it is highly recommended that you do so, so we can help ensure you are not still at risk.
When it comes to phishing attacks, it is important to keep in mind that once you are compromised it doesn’t just affect you, it can quickly and easily become something that has a knock-on effect to friends, family, colleagues, or your business. If you feel you could be doing more to prevent attacks, but are unsure what the next steps are, reach out to us at Mac Aid to discuss how we can help.