22 May 2020

What is phishing and how can you protect yourself?

Phishing is a cyber attack whereby criminals use fraudulent communication to steal sensitive information and/or deliver malware. Cybercrime attacks such as advanced persistent threats (APTs) and ransomware often start with phishing.

Phishers’ go-to communication channel is usually email, which they deliberately falsify to make it appear as if it’s come from a reputable source. The email tricks the victim into providing confidential information, often on a scam website. Attacks have also seen victims parting with money through false invoices.

According to research from Verizon, 90% of data breaches have a “phishing or social engineering component” to them.

More recently, security firm KnowBe4 revealed that COVID-19-related phishing attacks increased by 600% in the year's first quarter. And 45% of these attacks asked victims to check or type in their passwords on malicious domains that spoofed legitimate ones.

Examples of phishing attacks

Spear phishing

Spear phishing targets specific individuals instead of a wide group of people. Attackers often research their victims on social media and other sites. That way, they can customise their communications and appear more authentic. Spear phishing is often the first step to penetrate a company’s defences and carry out a targeted attack. According to the SANS Institute, 95% of all attacks on enterprise networks result from successful spear phishing.

Whaling

When attackers go after a “big fish” like a CEO, it’s called whaling. These attackers often spend considerable time profiling the target to find the opportune moment and means of stealing login credentials. Whaling is of particular concern because high-level executives can access a great deal of company information.

Pharming

Similar to phishing, pharming sends users to a fraudulent website that appears to be legitimate. However, in this case, victims do not have to click a malicious link to be taken to the bogus site. Attackers can infect the user’s computer or the website’s DNS server and redirect the user to a fake site even if the correct URL is typed in.

Deceptive phishing

Deceptive phishing is the most common type of phishing. In this case, an attacker attempts to obtain confidential information from the victims. Attackers use the information to steal money or to launch other attacks. A fake email from a bank asking you to click a link and verify your account details is an example of deceptive phishing.

Office 365 phishing

The methods attackers use to access an Office 365 email account are fairly simple and are becoming the most common. These phishing campaigns usually take the form of a fake email from Microsoft. The email contains a request to log in, stating the user needs to reset their password, hasn’t logged in recently, or has a problem with the account that needs their attention. A URL is included, enticing the user to click to remedy the issue.
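
A defensive check for the pattern described above, as an added example that is not part of the original article: it parses one HTML email and flags a sender that claims to be Microsoft from a non-Microsoft domain, links whose host only looks like a Microsoft one, and visible URLs that differ from the real link target. The allowlist, the lure phrases and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: a short, non-exhaustive allowlist of Microsoft-owned domains.
TRUSTED = ("microsoft.com", "microsoftonline.com", "office.com", "live.com")
BRAND = ("microsoft", "office", "outlook")
LURES = ("reset your password", "not logged in recently", "problem with your account")
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

# Constructed sample; example.net stands in for a domain the sender controls.
SAMPLE = """\
From: Microsoft Account Team <no-reply@account-security.example.net>
Subject: Action required: reset your password
Content-Type: text/html

<p>There is a problem with your account. Please log in to fix it.</p>
<a href="https://login.microsoftonline.com.example.net/reset">https://login.microsoftonline.com/reset</a>
<a href="https://support.microsoft.com/help">Help</a>
"""

def is_trusted(host):
    # True only for an allowlisted domain or a subdomain of one.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def analyse(raw):
    # Returns (rule, detail) findings for one single-part HTML message.
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    findings = []
    if any(b in display.lower() for b in BRAND) and not is_trusted(sender_host):
        findings.append(("sender-mismatch", sender_host))  # name claims the brand, domain does not
    for href, text in LINK.findall(body):
        host = (urlsplit(href).hostname or "").lower()
        if is_trusted(host):
            continue
        if any(b in host for b in BRAND):  # brand name inside an untrusted host
            findings.append(("lookalike-host", host))
        shown = urlsplit(text.strip()).hostname
        if shown and shown != host:  # visible URL differs from the real target
            findings.append(("text-link-mismatch", host))
    haystack = (msg.get("Subject", "") + " " + body).lower()
    findings += [("lure-wording", p) for p in LURES if p in haystack]
    return findings

if __name__ == "__main__":
    print(*analyse(SAMPLE), sep="\n")
```

The suffix comparison in `is_trusted` is what catches a trusted name used as a subdomain prefix of another domain; a plain substring match on the brand would accept it.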

How you can block phishing

As a Secure Internet Gateway, Cisco Umbrella provides the first line of defence against threats on the Internet wherever users go. Umbrella delivers complete visibility into internet activity across all locations, devices, and users and blocks threats before they reach the network or endpoints.

By analysing and learning from internet activity patterns, Umbrella automatically uncovers attacker infrastructure staged for attacks. It proactively blocks requests to malicious destinations before a connection is established – stopping phishing and malware infections earlier, identifying already infected devices faster, and preventing data exfiltration.

Together, Mark Waldmeyer from OryxAlign and Ishaan Korotane from Cisco have explored how you can create a strong first line of defence using DNS-level security that can block advanced attacks, including malware, botnets and phishing threats on every single device and for every user.

Watch their webinar to understand:

• The risks of remote working that leave your business vulnerable
• How to keep your employees connected, protected, and productive – on and off the network
• How to quickly block requests to malware, ransomware, phishing, and botnets
• How to gain access to one of the largest commercial threat intelligence teams in the world

 

By OryxAlign