Phishing is the practice of sending fraudulent emails that look like they are from a reputable source. Phishing emails intend to persuade the recipient to reveal personal information such as login credentials or credit card numbers. This act is one of the oldest scams on the internet, and it continues to be a concern for both individuals and businesses. In fact, according to Phishing Activity Trends Report for 2017, there was an average of roughly 48,500 confirmed phishing attacks per month in the United States during the first half of the year. Some of the key takeaways from this report show that several hundred companies are regularly targeted, at least every few weeks, while a smaller number of companies are attacked intermittently. Over time a few companies fall off the lists completely, only to be replaced by new and up-and-coming targets of opportunity. Phishing attacks are most common in the Payment, Financial, and Email sectors.
Phishing attacks can be challenging to identify. The reason is that the malicious attackers are smart and sophisticated in the manner that they target and attack users. They disguise their emails to look like organizations such as Netflix, Target, Bank of America, or Amazon so they can steal personal information or login credentials. These attackers design their emails to look precisely like the emails you receive from legitimate organizations. For example, some of these emails claim that “your order has shipped" and you should “check the tracking number.” Then, of course, to check the tracking, you need to “click the link below” to log in to your account. However, because you didn't order anything online recently, so you want to log in and make sure something terrible hasn't happened to your account. Absentmindedly, you click the link, log in, and then without realizing it, your login credentials have just been compromised.
Phishing emails arrive in inboxes across the country every day, and spam filters do not always catch them. Luckily, you don't have to panic. This blog details both real-life examples of malicious emails and tactics you can use to identify them and not fall victim to these sneaky jerks.
Below are some examples of emails that individuals close to our team have received recently. We didn't have to dig too hard to find these emails because they show up frequently. The best way to combat them is to use a spam filter first. However, as a reminder, spam filters and helpful tools such as Microsoft Office 365's Advanced Threat Protection don’t catch every suspicious email. New malicious phishing methods pop up every day and these tools take time to update.
In the example above, the email looks to be from Microsoft's Secure Department. It appears to be legit, right? It says that someone attempted to log into my Microsoft Office 365 account and that I should enable second step verification so that any unauthorized locations can be canceled. Makes sense, right? I want to protect my Microsoft Office 365 account!
Stop. Look closer.
The sender's email address looks strange. It shows @email.nonreplymsdomain.com, and that doesn't look like a Microsoft domain; this is an excellent example of a phishing email. Clicking the link in that email will compromise the user’s credentials.
One of our employees received this email. It appears to be from someone who states that his Bank of America account would be limited over 24 (hours) if he did not confirm the account by logging into his account through the email.
The email above is an example of using a threat to coax the recipient into clicking a link and entering their credentials.
Stop. Look closer.
Again, the sender's email address looks strange. It shows email@example.com, and that doesn't look like a Bank of America domain; this is another excellent example of a phishing email. Clicking the link in that email will compromise the user’s credentials.
MITS Service Manager
Businesses are monitoring your clicks, visits, likes, shares, views. Searches, etc. Would you like to keep your info private? Check out our blog!
Learn how to choose the right Kentico partner by using the Kentico Quality Expert Certification to your advantage.
Most Americans use social media every day, but you probably haven’t you considered that your social media activities may be putting you at risk for cyber-security vulnerabilities. Read about a few best practices to keep in mind when using social media both personally and professionally.
Microsoft has added SharePoint Online synchronization to the OneDrive sync tool.
You've probably purchased off-the-shelf anti-virus software before, but are you sure that's all the security you ne… https://t.co/8IEaEFu4CT
Happy 1-year Bit-Wizaversary, Patrick Mead! Here's to another magical year as a wizard! #wizardlife Learn more abou… https://t.co/d0eielJl10