Email Phishing Attacks


September 15th, 2015

 

OVERVIEW

Email is one of the primary ways we communicate. We not only use it every day for work, but also to stay in touch with friends and family. In addition, email is how companies provide many products or services, such as confirmation of an online purchase or availability of your online bank statements. Since so many people around the world depend on email, email attacks have become one of the primary attack methods used by cyber criminals. In this article, we explain the most common email attacks and the steps you can take to protect yourself.

 

PHISHING ATTACKS

Phishing was a term originally used to describe email attacks that were designed to steal your online banking username and password. However, the term has evolved and now refers to almost any email-based attack. Phishing uses social engineering, a technique where cyber attackers attempt to fool you into taking an action. These attacks often begin with a cyber criminal sending you an email pretending to be from someone or something you know or trust, such as a friend, your bank, or your favorite online store. These emails then entice you into taking an action, such as clicking on a link, opening an attachment, or responding to a message. Cyber criminals craft these emails to look convincing, sending them out to literally millions of people around the world. The criminals do not have a specific target in mind, nor do they know exactly who will fall victim. They simply know that the more emails they send out, the more people they may be able to fool. Phishing attacks work in one of four ways:

  • Harvesting Information: The cyber attacker’s goal is to fool you into clicking on a link and taking you to a website that asks for your login and password, or perhaps your credit card or ATM number. These websites may look legitimate, with almost exactly the same look, imagery, and feel of your online bank or store, but they are fake websites designed by the cyber attacker to steal your information.
  • Infecting your computer with malicious links: Once again, the cyber attacker’s goal is for you to click on a link. However, instead of harvesting your information, their goal is to infect your computer. If you click on the link, you are directed to a website that silently launches an attack against your computer that, if successful, will infect your system.
  • Infecting your computer with malicious attachments: These are phishing emails that have malicious attachments, such as infected PDF files or Microsoft Office documents. If you open these attachments, they attack your computer and, if successful, give the attacker complete control.
  • Scams: These are attempts by criminals to defraud you. Classic examples include notices that you’ve won the lottery, charities requesting donations after a recent disaster, or a dignitary who needs to transfer millions of dollars into your country and would like to pay you to help with the transfer. Don’t be fooled: these are scams created by criminals who are after your money.

 

PROTECTING YOURSELF

In most cases, simply opening an email is safe. For most attacks to work, you have to do something after reading the email (such as opening the attachment, clicking on the link, or responding to the request for information). Here are some indications that an email is an attack:

  • Be suspicious of any email that requires “immediate action” or creates a sense of urgency. This is a common technique used by criminals to rush people into making a mistake.
  • Be suspicious of emails addressed to “Dear Customer” or some other generic salutation. If it is really your bank, they will know your name.
  • Be suspicious of grammar or spelling mistakes; most businesses proofread their messages carefully before sending them.
  • Do not click on links. Instead, copy the URL from the email and paste it into your browser. Even better is to simply type the destination name into your browser.
  • Hover your mouse over the link. This will show you the true destination you would go to if you actually clicked on it. If the true destination of the link is different from what is shown in the email, this may be an indication of fraud.
  • Be suspicious of attachments and only open those that you were expecting.
  • Just because you got an email from your friend does not mean they sent it. Your friend’s computer may have been infected or their account may have been compromised, and malware is sending the email to all of your friend’s contacts. If you get a suspicious email from a trusted friend or colleague, call them to confirm that they sent it. Always use a telephone number that you already know or can independently verify, not one that was included in the message.
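As an added example (not part of the OUCH! article), the Python script below applies several of the checks above to a raw email message: it flags urgency phrases, a generic salutation, a displayed link whose text names a different host than its real destination (the "hover" check done in code), and any attachments. The sample message, its phrase lists and all domain names are constructed for the demonstration.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlparse

# Phrases matching the warning signs listed above (constructed, not exhaustive).
URGENCY = ("immediate action", "within 24 hours", "account will be suspended")
GENERIC = ("dear customer", "dear user", "dear account holder")
# Simple <a href="...">text</a> matcher; enough for a demo, not a full HTML parser.
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def host_of(url):
    """Hostname of a URL; a bare 'www.example.test/x' is treated as http."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()

def phishing_indicators(raw_message):
    """Return the warning signs from the list above that a raw message triggers."""
    msg = message_from_string(raw_message, policy=default)
    body_part = msg.get_body(preferencelist=("html", "plain"))
    body = body_part.get_content() if body_part else ""
    text = re.sub(r"<[^>]+>", " ", body).lower()
    findings = []
    if any(phrase in text for phrase in URGENCY):
        findings.append("urgency language")
    if any(greeting in text for greeting in GENERIC):
        findings.append("generic salutation")
    for href, shown in ANCHOR.findall(body):
        shown = re.sub(r"\s+", "", shown)
        # The "hover over the link" check: does the displayed address lead
        # to the same host as the real destination in href?
        if "." in shown and host_of(shown) != host_of(href):
            findings.append(f"link shows {host_of(shown)} but goes to {host_of(href)}")
    for part in msg.iter_attachments():
        findings.append(f"attachment {part.get_filename()}")
    return findings

# Constructed sample message using reserved .test domains; not a real email.
SAMPLE = """From: "Your Bank" <alerts@example-bank.test>
To: you@example.test
Subject: Immediate action required
Content-Type: text/html; charset=utf-8

<p>Dear Customer,</p><p>Your account will be suspended unless you verify it
within 24 hours: <a href="http://example-bank.test.attacker-demo.test/verify">
https://www.example-bank.test/login</a></p>
"""
```

Running `phishing_indicators(SAMPLE)` returns three findings (urgency, generic salutation, and the link mismatch); a plain "lunch tomorrow?" message from a colleague returns none.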

 

If, after reading an email, you believe it is a phishing attack or scam, simply delete it. Ultimately, using email safely is all about common sense: if something seems suspicious or too good to be true, it is most likely an attack, and the email should be deleted.

 

As reliance on technology continues to increase, new exposures continue to emerge. As your business grows, make sure your cyber liability coverage grows with it. Gunn-Mowery is here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk. Contact us today.

 

Article sourced from OUCH! – published by the SANS Securing The Human program and distributed under the Creative Commons BY-NC-ND 3.0 license. Written by Pieter Danhieux. Originally published February 2013.