Focus on Security: Phishing

We’ve all seen it. That one email in your inbox that looks fishy, but sounds convincing. Should you click it? DON’T DO IT! Here’s why…

What is Phishing?
Phishing is the process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity using bulk email which tries to evade spam filters.

Emails claiming to be from popular social web sites, banks, auction sites, or IT administrators are commonly used to lure the unsuspecting public. It’s a form of criminally fraudulent social engineering.

Example
We recently phish tested some of our users. We sent a fake Google Calendar event reminder.
PhishThreat Sample 4-2018.jpg
On the surface it was convincing. Once you dug a bit deeper it became evident that this was a bogus email.

  • From Address
    • As you open an email, take a quick gander at the From address. With Google, if the user is verified it will just have the user’s name. If the email is from an unknown address then the address will be displayed to the right of the name. Notice this one is from “@goog1e-mail.com”. Why would Google ever need to replace the “L” in their brand name with a number?
  • Footer
    • Notice the footer of the email contains “Virus-free. http://www.avg.com”. Google is a big enough company that they don’t need to use a 3rd party company (AVG Antivirus) to scan emails for viruses.
  • Link
    • The “View Calendar” link looks harmless enough. Just before you click on it, hover over the link with your cursor. The link will be displayed at the bottom of whatever browser you are using. This email linked to “vk39fk6q.r.eu-west-1.awstrack.me…….”. That is definitely NOT a Google Calendar address!
  • A couple other items to look for…
    • Proper grammar, spelling, broken english, etc.
    • Threats (If you don’t do that, then I will do this).
    • Generic names/salutations.
    • Requests for account information/passwords.

In the news
There are plenty of examples of phishing attacks in the news. Check out the articles below.

https://www.engadget.com/2018/05/14/california-teen-phished-teachers-change-grades/

https://apnews.com/07f686a4895f4b1190040f5d7e33e464/Florida-hack-exposed-files-of-up-to-30,000-Medicaid-patients

Conclusion
If you see a email that looks strange err on the side of caution and JUST DELETE IT!

 

 

 

Article written by Trent Miller. Reference- https://www.knowbe4.com/phishing