Hook, Line and Sinker: Protecting Your Business from Email Phishing

Author: Colin Robbins

A Not So Perfect Catch

At CyberUK 2019, phishing was identified as one of the major threats facing the UK in 2019.

Phishing is an act of cybercrime in which users are tricked into handing over sensitive data, such as passwords, bank account details and other personal information. Users are targeted with deceptive emails designed to look genuine so that they will click the malicious links they contain. As technology advances, phishing emails are becoming more sophisticated and therefore harder to spot.

The CyberUK conference reminded companies that continual user training to detect these attacks is vital. We would recommend that you introduce your staff to the CPNI “Don’t Take The Bait” campaign, which aims to educate people on the dangers of spear phishing. It includes helpful guides and posters for businesses, to ensure that staff are aware of the signs and can play a part in keeping the company secure.

They also spoke of the importance of implementing Active Defence measures across the community, such as businesses publishing email DMARC records that instruct receiving systems to reject identified fraudulent email. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a DNS record that tells receiving email systems how to check whether a message genuinely came from the company it claims to have come from, and what to do with messages that fail that check. There will be more to follow on DMARC in a future Nexor blog.
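To make the "reject" recommendation concrete, the following added example (written for this post, not Nexor's own tooling) parses a DMARC TXT record and reports the settings a defender would want to tighten: a `p=none` or `p=quarantine` policy, a partial `pct=`, a weaker subdomain policy, or no `rua=` reporting address. The sample records are constructed; in practice the record is fetched from the `_dmarc.<domain>` TXT entry in DNS (for example with `dig TXT _dmarc.example.com`), which is deliberately left out so the example runs offline.

```python
"""Parse and assess DMARC policy records.

Added example for the blog post above; not Nexor's code.
The records at the bottom are constructed for illustration.
"""
from typing import Dict, List

VALID_POLICIES = {"none", "quarantine", "reject"}


def parse_dmarc(txt: str) -> Dict[str, str]:
    """Split a record such as 'v=DMARC1; p=reject; rua=...' into a tag dict.

    Raises ValueError if the text is not a usable DMARC1 record.
    """
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        raise ValueError("record does not start with v=DMARC1")
    if tags.get("p") not in VALID_POLICIES:
        raise ValueError("missing or invalid p= tag")
    return tags


def assess_dmarc(txt: str) -> List[str]:
    """Return findings for a record; an empty list means it rejects spoofed mail and reports."""
    findings: List[str] = []
    try:
        tags = parse_dmarc(txt)
    except ValueError as exc:
        return [f"unparseable: {exc}"]

    policy = tags["p"]
    if policy == "none":
        findings.append("p=none: spoofed mail is only monitored, never blocked")
    elif policy == "quarantine":
        findings.append("p=quarantine: spoofed mail goes to spam folders instead of being rejected")

    # pct= defaults to 100; anything lower lets a share of failing mail through unpoliced.
    pct = tags.get("pct", "100")
    if pct != "100":
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")

    # sp= defaults to the main policy, so a reject policy with no sp= already covers subdomains.
    sub_policy = tags.get("sp", policy)
    if sub_policy != "reject":
        findings.append(f"subdomain policy is {sub_policy}: subdomains can still be spoofed")

    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not being collected")
    return findings


# Constructed sample records: a weak monitoring-only record and a hardened one.
WEAK_RECORD = "v=DMARC1; p=none"
STRONG_RECORD = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; adkim=s; aspf=s"

if __name__ == "__main__":
    for label, record in (("weak", WEAK_RECORD), ("strong", STRONG_RECORD)):
        print(label, record)
        for finding in assess_dmarc(record) or ["no findings"]:
            print("  -", finding)
```

A record that returns no findings still only protects your own domain from being impersonated; it does nothing about lookalike domains, which is why the red flags later in this post remain necessary.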


Examples of Phishing Attacks

Compromised Emails

One common example of a spear-phishing email is a compromised email thread. The attacker reuses the subject line of a genuine exchange with a trusted contact, often your most recent one from your work or personal email address, so that the message appears to continue that thread. In most cases you will trust the email because you have recently been communicating with that person.

There have also been reports of phishing emails which claim to be from SharePoint, a Microsoft product. They look very convincing and are even tricking IT professionals. It appears that the attackers are using Microsoft hosting platforms both to send the emails and to host the malicious sites linked to within them.

Blue or Green Button Phishing Campaign

Another incarnation is referred to as the Blue/Green Button Phishing Campaign. Users are sent an email with a distinctive bright green or blue button labelled ‘display message’. When clicked, it opens a link which leads to a form.

If you have entered any personal data into one of these forms, you must change your password immediately: you have most likely been phished, and the password can now be used to access your personal or business accounts. You should also report these emails as phishing or spam using the processes defined by your company.


Things To Look Out For

These phishing attacks are becoming more sophisticated and adapting to modern technology. They can be very convincing and look completely normal to users. We have listed some red flags which you should look out for in your email inbox.

  • Spelling and grammatical mistakes - if the email consists of broken sentences, strange fonts or sizes, or very poor spelling, do not click any links.

  • A sense of urgency - in a business environment, urgent matters are usually dealt with over the phone. Be cautious with ‘URGENT’ emails and avoid panicking, as the urgency may itself be the trick.

  • A name that does not match the email address - always check that the two correlate. Bob Waters wouldn’t send an email from graham@gmail.com, for example.

  • Repeated references to the attachment - this can be a key indication that the attachment is malicious. It’s human nature to be curious, but don’t open anything which seems suspicious.

  • You do not work on the account - this one is common sense; if you aren’t usually involved, speak to the account manager before acting on the email to check whether it’s legitimate.
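Three of the red flags above can be checked mechanically before a message reaches a user, which is how a mail gateway or a simple triage script would use them. The following added example (written for this post, not Nexor's code) parses a raw email with Python's standard `email` module and reports a display name that does not match the sender address, an urgent-sounding subject, and a body that keeps pointing at the attachment. The two sample messages, the keyword lists and the scoring thresholds are constructed assumptions; spelling quality and "you don't work on this account" need human judgement and are left to the reader.

```python
"""Heuristic red-flag scoring for an inbound email.

Added example for the blog post above; not Nexor's code. The sample
messages and keyword lists are constructed for illustration.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from typing import List

# Constructed keyword lists; a real deployment would tune these to its own mail flow.
URGENCY_WORDS = ("urgent", "immediately", "asap", "action required", "final notice")
ATTACHMENT_WORDS = ("attachment", "attached", "see the document", "open the file")


def name_matches_address(display_name: str, address: str) -> bool:
    """True if at least one word of the display name appears in the address.

    'Bob Waters' <bob.waters@example.com> passes; 'Bob Waters' <graham@gmail.com> fails.
    This is a heuristic: initials-only addresses such as cr@example.com will be
    flagged even when genuine, so treat a mismatch as a prompt to check, not proof.
    """
    if not display_name:
        return True  # no display name to compare against
    local, _, domain = address.lower().partition("@")
    haystack = f"{local} {domain}"
    words = re.findall(r"[a-z]+", display_name.lower())
    return any(word in haystack for word in words)


def red_flags(raw_message: str) -> List[str]:
    """Return the red flags found in a raw RFC 822 message (empty list if none)."""
    msg = message_from_string(raw_message)
    flags: List[str] = []

    name, addr = parseaddr(msg.get("From", ""))
    if not name_matches_address(name, addr):
        flags.append(f"display name {name!r} does not match address {addr!r}")

    subject = msg.get("Subject", "").lower()
    if any(word in subject for word in URGENCY_WORDS):
        flags.append("subject presses for urgency")

    # Only plain single-part bodies are inspected here; multipart handling is out of scope.
    body = "" if msg.is_multipart() else msg.get_payload().lower()
    mentions = sum(body.count(word) for word in ATTACHMENT_WORDS)
    if mentions >= 2:
        flags.append(f"body refers to the attachment {mentions} times")

    return flags


# Constructed sample messages.
SUSPICIOUS = """\
From: Bob Waters <graham@gmail.com>
To: you@example.com
Subject: URGENT: invoice needs approval today

Hi, please open the attached invoice. The attachment must be approved
before 5pm or the payment fails. Attached again for convenience.
"""

LEGITIMATE = """\
From: Bob Waters <bob.waters@example.com>
To: you@example.com
Subject: Minutes from Tuesday

Hi, minutes are in the shared folder as usual. Thanks, Bob
"""

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("legitimate", LEGITIMATE)):
        print(label, red_flags(raw) or "no flags")
```

Any single flag is weak evidence on its own; the value is in combining them, as the suspicious sample shows by tripping all three at once.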

How To Protect Your Business From Phishing Scams

There are many ways in which you can protect your business from email phishing. Most email providers have a standard spam filter; you should check that it is suitably configured. You should also educate your staff on the red flags for phishing scams, as people are less likely to click on a phishing email if they know what to look for.

Finally, you should consult a security expert to give you a report on your current security systems, and what you can do to improve them. Nexor offers our services to businesses who need advice on their security. Our experts will look deeper into the systems in place and offer you tailored advice on how to improve these.

For more information on our services, please get in touch.

About the author

Colin Robbins is a Principal Security Consultant, leading customer-funded research activities in secure interoperability and information exchange. He has specific technical interests in the Single Information Environment and Data Centric Security, as well as the processes of security, such as Secure by Design and Information Security Management Systems (ISMS). He is a Fellow of CIISec, and a former NCSC certified Security and Information Risk Adviser (Lead CCP).
