What are Phishing Attacks?

Phishing attacks commonly come in the form of emails that are disguised to look like they were sent from a reputable source.  There are numerous kinds of phishing attacks, and each one has a specific goal and technique to hook you.

In 2016, statistics stated that one in every 131 emails contained malicious content, and phishing attacks had reached the highest rate in five years (statistics gathered by Symantec). It’s expected that the attacks are only going to get worse. Not only because it has become a huge business but cyber-criminals are always advancing and changing their techniques. Anyone can fall victim if they don’t know the signs of an attempted attack.

What do Phishing Attacks look like?

Phishing emails are more successful the closer to a legitimate sender it appears to have been sent from. Recent phishing emails have disguised themselves to look like they’ve come from companies such as EBay, Amazon, UPS, or FedEx.  These sometimes offer status of an item you’ve ordered, provide a link to an invoice, or a link to track a package. Others appear to come from a bank, asking you to re-inter information, verify your account, or submit a payment. In some cases they can show to be sent from email addresses you recognize personally, like coworkers or family.

There are a few ways you can tell that an email shouldn’t be trusted: spelling and grammatical errors, vocabulary that is either vulgar or creates a sense of urgency, generic greetings, links, attachments, and requests for credit card or banking information. Sometimes emails will provide you with further details about the sender to convince you it's legitimate. For example, the company they are from, their position, work phone number, etc. If the information is there, use it to your advantage to ensure that it’s being sent from a reputable and legitimate source.

Email: Phishing Attach Example

Furthermore, if there is a link in the email, you can hover your cursor over it to see where it will redirect you. If it is to a site you don’t recognize, and/or it’s not what it says it will send you to in the email, DON’T CLICK!!

If the email just doesn’t look right, then it probably isn’t. Trust your gut, and don’t take the bait.

 95% of Attacks Come from End User Error

Based on a report by IBM (Security Services 2014 Cyber Security Intelligence Index Report) nearly all attacks are from mistakes of end users. This means if your Business has ever fallen victim to the nasty Ransomware (Cryptolocker) attack, it was probably caused by the lack of end user knowledge of phishing attacks.  As part of CTG Tech's Managed IT Services Program, we offer ongoing training  to provide your staff with knowledge on how to prevent these things from happening.  We also schedule random simulated phishing attacks with a detailed report showing the percentage of your employees that are Phish-prone.

CTG Tech provides Fast, Reliable IT Support & IT Consulting Services in the Dallas-Fort Worth and Amarillo Surrounding areas, contact CTG Tech today to receive a Free Risk Security Assessment!