OlympusNet News

SANS Cyber Security Blog: What is Phishing and Why?

The following has been abridged by OlympusNet. The link at the end points to the original.

This may sound like a silly question, since everyone knows what phishing is, but you would be surprised at how often people have different definitions. Phishing is a type of social engineering attack. Social engineering is when a cyber attacker tricks or fools the victim into doing something they should not do, such as sending a criminal money, sharing a password, or giving the attacker access to their computer. Cyber attackers have learned that the easiest way to get something is simply to ask for it. The concept is not new; con artists and scammers have existed for thousands of years. What the Internet adds is that it makes it very simple for any attacker to pretend to be anyone they want and to target anyone they want.

Cyber attackers are creating more novel phishing emails, including…
Call Back: There is no link or attachment in the email, only a phone number. The goal is to get the victim to call that number, and once the attackers have you on the phone they are VERY persuasive. These attacks often appear to be an invoice stating you owe money, or a notice of a charge to your credit card, and they create a tremendous sense of urgency. Because there is no URL or file to inspect, many email filters have nothing to act on. Anthony Davis does a great walkthrough of one of these attacks.

QR Codes: Instead of including links in an email, cyber attackers include QR codes. At first this may sound odd, but it is actually brilliant. A QR code acts like a link that sends you to a website, but it gives the attacker two advantages over a link in an email. First, not all phishing filters can decode a QR code, so the destination URL is never extracted and checked. Second, scanning the code moves the victim from their managed desktop onto a mobile device, and security teams often have neither visibility into nor control over that device, so the visit is neither filtered nor logged and the victim is far more exposed.

Watch for the following phishing indicators

  • Urgency: Any email or message that creates a tremendous sense of urgency, trying to rush the victim into making a mistake. An example is a message claiming to be from the government stating that your taxes are overdue and that if you don’t pay right away you will end up in jail.
  • Pressure: Any email or message that pressures an employee to ignore or bypass company policies and procedures. Business Email Compromise (BEC) attacks, where a message posing as an executive or vendor asks for a payment or wire transfer outside the normal approval process, are an example.
  • Curiosity: Any email or message that generates a tremendous amount of curiosity, or a sense that something is too good to be true, such as a notice of an undelivered UPS package or an unexpected Amazon refund.
  • Tone: An email or message that appears to come from a coworker, but the wording does not sound like them, or the overall tone or signature is wrong.
  • Generic: An email that claims to come from a trusted organization but uses a generic salutation such as “Dear Customer.” If FedEx or Apple has a package for you, they should know your name.
  • Personal Email Address: Any email that appears to come from a legitimate organization, vendor, or coworker, but is sent from a personal email address such as @gmail.com.
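Several of these indicators, together with the call-back and QR-code patterns described above, can be checked mechanically before a message reaches a person. The script below is an added example written for this reprint, not SANS code: it parses raw messages with Python's standard email library and flags a freemail sender posing as an organization, a generic salutation, urgency wording, a phone number with no link (call back), and an image attachment with no link (QR code). The three sample messages, the freemail domain list and the keyword patterns are constructed for illustration and are assumptions, not data from the original post; the "Tone" indicator is left to a human reader because it depends on knowing the sender.

```python
"""Heuristic phishing-indicator checks over raw RFC 5322 messages (added example).

Sample messages, domain list and keyword patterns below are constructed
for illustration; tune them for your own environment.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Consumer mail domains: an "organization" sender using one of these is the
# "Personal Email Address" indicator. Constructed list, not exhaustive.
FREEMAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com", "icloud.com"}

# Words in a display name that suggest the sender claims to be a company or team.
ORG_HINTS = re.compile(r"\b(support|billing|payroll|invoice|accounts?|team|desk|department|security|helpdesk)\b", re.I)
GENERIC_SALUTATION = re.compile(r"^\s*dear\s+(customer|user|member|employee|valued customer|account holder)\b", re.I | re.M)
URGENCY = re.compile(r"\b(immediately|urgent|right away|final notice|within 24 hours|account (will be )?suspended|legal action)\b", re.I)
PHONE = re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")
URL = re.compile(r"https?://\S+", re.I)


def _body_text(msg):
    """Concatenate all text/plain parts, undoing transfer encoding and charset."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def phishing_indicators(raw_message):
    """Return the sorted list of indicator names that fire on a raw message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    text = _body_text(msg)
    has_link = bool(URL.search(text))
    has_image = any(p.get_content_maintype() == "image" for p in msg.walk())

    hits = set()
    if domain in FREEMAIL_DOMAINS and ORG_HINTS.search(display):
        hits.add("personal_email_address")
    if GENERIC_SALUTATION.search(text):
        hits.add("generic_salutation")
    if URGENCY.search(text) or URGENCY.search(msg.get("Subject", "")):
        hits.add("urgency")
    # Call-back phishing: a number to ring and no URL for a link filter to inspect.
    if PHONE.search(text) and not has_link:
        hits.add("callback_number")
    # QR-code phishing: the "link" is inside an image, so again no URL in the text.
    if has_image and not has_link:
        hits.add("qr_code_image")
    return sorted(hits)


# Constructed sample messages (not real mail).
SAMPLE_CALLBACK = """From: "Norton Billing" <norton.billing.desk@gmail.com>
To: bob@example.com
Subject: Invoice #48213 - Your subscription has been renewed
Content-Type: text/plain; charset="utf-8"

Dear Customer,

Your annual subscription has been renewed and $349.99 was charged to your
card. If you did not authorize this charge, call 1-800-555-0143
within 24 hours to cancel.
"""

SAMPLE_QR = """From: "Payroll Team" <payroll.notice@gmail.com>
To: alice@example.com
Subject: Action required: updated W-2 form
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear Employee,

Your tax form is ready. Scan the attached code with your phone to review it
immediately.

--b1
Content-Type: image/png; name="w2.png"
Content-Disposition: attachment; filename="w2.png"
Content-Transfer-Encoding: base64

iVBORw0KGgo=
--b1--
"""

SAMPLE_LEGIT = """From: "Dana Wu" <dana.wu@example.com>
To: bob@example.com
Subject: Notes from today's standup
Content-Type: text/plain; charset="utf-8"

Hi Bob,

Notes are in the shared doc: https://docs.example.com/standup/2024-05-02
Let me know if I missed anything.
"""

if __name__ == "__main__":
    for name, sample in [("callback", SAMPLE_CALLBACK), ("qr", SAMPLE_QR), ("legit", SAMPLE_LEGIT)]:
        print(name, phishing_indicators(sample))
```

These checks are deliberately crude: a legitimate vendor can write "immediately", and a coworker's signature may carry a phone number with no link, so treat the output as a triage score to be reviewed by a person rather than a block decision. Decoding the QR image itself to recover the URL needs a third-party decoder and is not attempted here; the heuristic only notices that the message asks the reader to act on an image instead of a link.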

View and download this and earlier SANS Cyber Security Blog articles from
https://www.sans.org/blog/