Top Tips for Phishing Defense: Strengthening Your Cyber Armor

Business Email Compromise

Essential defence strategies against phishing and spear-phishing attacks, presenting ten actionable tips for heightened protection.

The origin of “phishing’ can be traced back to the mid-1990s, when the word first appeared in a Usenet newsgroup called AOHell. A software toolkit was named this as a play on its target, AOL, and its millions of users. Phishing is deeply rooted in the lexicon of the cyber-criminal and is causing more disruption to business today than pretty much any other cyber threat.

At LoughTec, 9 out of 10 cyberattacks that we encounter originate with a phishing email and spear-phishing seems to be more in use by advanced threats, harvesting credentials from specific targets for their campaigns. While traditional phishing involves mass distribution of deceptive emails, spear-phishing is more highly targeted, where criminals meticulously research their targets, gathering data about the individual, their professional role and their digital behaviour.

Not enough time is spent discussing the role infostealer malware plays in an organisation’s initial compromise. This is malware which is spread with the intent of gathering reconnaissance from as many victims as possible, regardless of location or any specific context. It will harvest credentials, fingerprints and valid session cookies. Initial access brokers will then sell any corporate credentials they see to the highest bidder, who then try to privilege escalate and laterally move, further compromising the organisation and potentially deploying ransomware.

Ultimately everyone is susceptible to a phishing attack. Often, phishing emails are well-crafted and take a trained eye to spot the genuine from the fake. There are, however, ways to make yourself less of a target. Keep in mind our ten top tips to protect yourself from phishing and spear-phishing:

 

Name of the sender can trick you:

Email addresses and domain names can be easily spoofed. It is, therefore, crucial that you check the domain name for spelling alterations on suspicious emails. Even if they appear to have come from a trusted sender, always double-check.

 

Check for typos:

Attackers are often less concerned about being grammatically correct. This means that typos and spelling errors are often evident in messages. Such errors in an email could be a good indication that the message is not genuine.

 

Don’t share sensitive information hastily:

Any email that asks for sensitive information about you or your company is suspicious. For instance, no bank will ever ask for personal information over an email. Directly call your bank to ascertain if an email is genuine or not.

 

Don’t fall for URGENCY!

Phishing attacks use scare tactics such as urgency and authority to trick victims into taking immediate action. Emails that ask to share personal information or to make cash transactions are… ‘fishy’.

 

Hover but don’t click:

Hover over URLs. If the alt text does not match the display text, or if it seems strange, DO NOT click on it.

 

Attachments can be dangerous:

Hover over attachments to check for an actual link before you click on it or download it. But if you are still unsure of the sender, do not click on the link.

 

Is it too good to be true?

If it sounds too good to be true, chances are it is! Phishing attacks use fake rewards to tempt victims to take action. You wouldn’t win the lottery if you never participated.

 

Keep your devices up to date:

Devices, and the applications on them, are more susceptible to attacks when systems are not updated. Read our blog here for a specific example of an Office 365 account compromise. Maintain your antivirus and regularly check for updates.

 

Regularly check your accounts:

Check your accounts regularly to ensure that no changes have been made without your knowledge. Staying on top of your accounts, and knowing what data is held in each, will make spotting a phishing attack easier.

 

When in doubt, call out:

If you suspect that the security of your work device or data has been compromised, inform your cyber security team or your manager immediately.

 

For more information on Cyber Security for your organisation then contact LoughTec Telephone:  +44 (0) 28 8225 2445 or email info@loughtec.com

 

LoughTec are a leading provider of cyber security solutions and help hundreds of companies in the UK & Ireland with Cyber Security Training, Cyber Essentials Accreditation and IT Support.

LoughTec: Watertight Cyber Security and IT Solutions