  • Carol Ribeiro

Phishing


Phishing is a form of fraud in which an attacker poses as a reputable entity or person in an email or other forms of communication. Attackers will commonly use phishing emails to distribute malicious links or attachments that can perform a variety of functions. Some will extract login credentials or account information from victims.



How phishing works

Phishers can use public sources of information to gather background information about the victim's personal and work history, interests, and activities. This information is typically collected from social networks such as LinkedIn, Facebook, and Twitter, and is then used to craft a believable email.

Generally, a victim receives a message that appears to have been sent by a known contact or organization, with the intention of installing malware on the user's device or directing the victim to a fake website. Fake websites are set up to trick victims into divulging personal and financial information, such as passwords, account IDs or credit card details.

Although many phishing emails are poorly written and clearly fake, cybercriminal groups increasingly use the same techniques professional marketers use to identify the most effective types of messages.


How to recognize a phishing email

Successful phishing messages are difficult to distinguish from real messages. Usually, they are represented as being from a well-known company, even including corporate logos and other collected identifying data.

However, there are several clues that can indicate that a message is a phishing attempt. These include:

The message uses subdomains, misspelled URLs (typo squatting) or otherwise suspicious URLs.

The recipient uses a Gmail or other public email address rather than a corporate email address.

The message is written to invoke fear or a sense of urgency.

The message includes a request to verify personal information, such as financial details or a password.

The message is poorly written and has spelling and grammatical errors.
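As an added illustration (not part of the original post), the following Python script scores a constructed sample email against the clues in the list above: a typo-squatted or brand-as-subdomain domain in the sender address or in links, a public webmail sender, a display name that borrows a brand the address is not under, urgency wording, and a request to verify credentials. The trusted-brand list, the webmail list, the keyword patterns and the sample message are all constructed assumptions for this example.

```python
import difflib
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = {"paypal.com", "example-bank.com"}  # constructed: brands we expect mail from
WEBMAIL = {"gmail.com", "outlook.com", "yahoo.com"}  # constructed: public webmail providers
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|suspended|locked)\b", re.I)
VERIFY = re.compile(r"\b(verify|confirm|update)\b.{0,40}\b(password|account|card|ssn)\b", re.I)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def lookalike(host):  # how host imitates a trusted domain (typo, or brand as a subdomain), else None
    host = host.lower()
    reg = ".".join(host.split(".")[-2:])  # crude registrable domain; no Public Suffix List here
    for d in TRUSTED:
        if reg == d:
            return None  # genuinely under the trusted domain
        if difflib.SequenceMatcher(None, reg, d).ratio() >= 0.85:  # one or two characters off
            return f"typo-squat of {d}"
        if d in host or d.split(".")[0] in host:
            return f"{d} used as a subdomain/label of {reg}"
    return None

def score_message(raw):
    """Return (score, reasons) for a raw plain-text email; each clue from the list above adds one."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    text = msg.get("Subject", "") + "\n" + msg.get_payload()  # subject and body scanned together
    reasons = [f"sender uses public webmail ({sender})"] if sender in WEBMAIL else []
    if hit := lookalike(sender):
        reasons.append(f"From domain {sender}: {hit}")
    for d in TRUSTED:  # display name borrows a brand the address is not actually under
        if d.split(".")[0] in name.lower() and not (sender == d or sender.endswith("." + d)):
            reasons.append(f"display name claims {d} but address is @{sender}")
    for host in (urlparse(u).hostname or "" for u in URL_RE.findall(text)):
        if hit := lookalike(host):
            reasons.append(f"link to {host}: {hit}")
    for rx, why in ((URGENCY, "urgency or threat language"), (VERIFY, "request to verify credentials")):
        if rx.search(text):
            reasons.append(why)
    return len(reasons), reasons

SAMPLE = """From: PayPal Support <security@paypa1.com>
Subject: Urgent: your account will be suspended

Please verify your password within 24 hours at https://paypal.com.account-check.net/login
"""
```

Running `score_message(SAMPLE)` flags all five clues; a routine internal message from a trusted domain scores zero, so a threshold (say 2 or more) can route mail for closer review rather than blocking outright.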


Read more here about the most common types of phishing attacks and their techniques.


How to prevent phishing

To help prevent phishing messages from reaching end users, we recommend layering security controls, including:

antivirus software.

both desktop and network firewalls.

antispyware software.

anti-phishing toolbar (installed in web browsers).

gateway email filter.

web security gateway.

spam filters.

phishing filters from vendors such as Microsoft.


Phishing examples

Phishing scams come in all shapes and sizes. Users can stay safe, alert and prepared by knowing about some of the more recent ways that scammers have been phishing.

Digital payment-based scams

These happen when major payment applications and websites are used as a ruse to gain sensitive information from phishing victims. In this scam, a phisher masquerades as an online payment service (such as PayPal, Venmo or TransferWise).

Finance-based phishing attacks

These are common forms of phishing, and they operate on the assumption that victims will panic into giving the scammer personal information. Usually, in these cases, the scammer poses as a bank or other financial institution. In an email or phone call, the scammer informs the potential victim that their security has been compromised. Often, scammers use the threat of identity theft to commit exactly that.

Work-related phishing scams

These are especially alarming, as this type of scam can be very personalized and hard to spot. In these cases, an attacker purporting to be the recipient's boss, CEO or CFO contacts the victim, and requests a wire transfer or a fake purchase.

An attack can have devastating results. For individuals, this includes unauthorized purchases, the stealing of funds, or identity theft.

It is important to note that all employees at a company need to be vigilant about phishing attacks: if one person is compromised, the internal email list can be exposed. After that, the rest of the company may receive more targeted and specific attacks that are easier to believe.


Moreover, phishing is also used to gain a foothold in corporate or governmental networks as a part of a larger attack, such as an advanced persistent threat (APT) event. In this latter scenario, employees are compromised in order to bypass security perimeters, distribute malware inside a closed environment, or gain privileged access to secured data.

Stay alert for all suspicious emails and remember that criminals will use your emotions, your information and current events to deceive you.
