Phishing is the practice of sending fraudulent emails that look like they are from a reputable source. Phishing emails intend to persuade the recipient to reveal personal information such as login credentials or credit card numbers. This act is one of the oldest scams on the internet, and it continues to be a concern for both individuals and businesses. In fact, according to Phishing Activity Trends Report for 2017, there was an average of roughly 48,500 confirmed phishing attacks per month in the United States during the first half of the year. Some of the key takeaways from this report show that several hundred companies are regularly targeted, at least every few weeks, while a smaller number of companies are attacked intermittently. Over time a few companies fall off the lists completely, only to be replaced by new and up-and-coming targets of opportunity. Phishing attacks are most common in the Payment, Financial, and Email sectors.
Phishing attacks can be challenging to identify. The reason is that the malicious attackers are smart and sophisticated in the manner that they target and attack users. They disguise their emails to look like organizations such as Netflix, Target, Bank of America, or Amazon so they can steal personal information or login credentials. These attackers design their emails to look precisely like the emails you receive from legitimate organizations. For example, some of these emails claim that “your order has shipped" and you should “check the tracking number.” Then, of course, to check the tracking, you need to “click the link below” to log in to your account. However, because you didn't order anything online recently, so you want to log in and make sure something terrible hasn't happened to your account. Absentmindedly, you click the link, log in, and then without realizing it, your login credentials have just been compromised.
Phishing emails arrive in inboxes across the country every day, and spam filters do not always catch them. Luckily, you don't have to panic. This blog details both real-life examples of malicious emails and tactics you can use to identify them and not fall victim to these sneaky jerks.
Below are some examples of emails that individuals close to our team have received recently. We didn't have to dig too hard to find these emails because they show up frequently. The best way to combat them is to use a spam filter first. However, as a reminder, spam filters and helpful tools such as Microsoft Office 365's Advanced Threat Protection don’t catch every suspicious email. New malicious phishing methods pop up every day and these tools take time to update.
In the example above, the email looks to be from Microsoft's Secure Department. It appears to be legit, right? It says that someone attempted to log into my Microsoft Office 365 account and that I should enable second step verification so that any unauthorized locations can be canceled. Makes sense, right? I want to protect my Microsoft Office 365 account!
Stop. Look closer.
The sender's email address looks strange. It shows @email.nonreplymsdomain.com, and that doesn't look like a Microsoft domain; this is an excellent example of a phishing email. Clicking the link in that email will compromise the user’s credentials.
One of our employees received this email. It appears to be from someone who states that his Bank of America account would be limited over 24 (hours) if he did not confirm the account by logging into his account through the email.
The email above is an example of using a threat to coax the recipient into clicking a link and entering their credentials.
Stop. Look closer.
Again, the sender's email address looks strange. It shows email@example.com, and that doesn't look like a Bank of America domain; this is another excellent example of a phishing email. Clicking the link in that email will compromise the user’s credentials.
MITS Service Manager
In our MITS Tips Video this month, Sam breaks down how to use document syncing, versioning, and collaboration in SharePoint.
This blog covers five Microsoft Excel tips that will change your life. We all work with Microsoft Excel, which does a great job of handling large amounts of data. However, Excel has some functionality that you may not know about.
There are time and effort involved in any software update. However, the time and effort it costs, in the long run, are far less if you keep your software up-to-date. In this blog, I detail the three most important reasons to upgrade a Kentico website.
Microsoft has added SharePoint Online synchronization to the OneDrive sync tool.
Yer a wizard (again), Jennifer! Welcome back to the #wizardlife! https://t.co/zT5oaKEmoQ
Happy 1-year Bit-Wizaversary, Taylor! Here’s to another magical year as a wizard! #wizardlife Learn more about Tayl… https://t.co/seIo9B7wYL