What is a phishing email?
A phishing email is an email sent under a fake address attempting to impersonate an individual or organization.
This is done in order to lure a user into clicking on it and potentially compromising the security of their system. This can happen by opening a bad link or accidentally allowing the phisher to gain confidential information such as password details.
A test sent to approximately 6 million users showed that we are more likely to click on emails containing information relating to money or offering free items.
The fake emails to which users were most susceptible were those that promised money or threatened the loss of it.
Second to these were emails that aroused the fear of missing out on an offer or opportunity. This includes free food or drinks, and curiosity-based requests such as new contact invitations or photo tags.
Emails emulating security notifications and missed deliveries also drew clicks from users.
Subject lines such as “Unusual sign-in activity” and similar notifications received attention from users.
What Are the Types of Phishing Emails?
1. Deceptive Phishing
This is when hackers imitate a legitimate company in an attempt to access personal information such as login credentials or bank account details.
They will often ask you to click a link to verify an account or make a payment.
When watching out for this kind of attack you should pay close attention to:
- the wording and grammar of emails
- the address the email has come from
- the details of the URL it is trying to send you to
Often small mistakes, such as spelling errors, will give away that this email does not come from a genuine source.
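The sender-address and URL checks listed above can be automated. The following Python is an added example and not part of the original article; the message, the trusted domain and the lookalike domain `examp1e-bank.com` are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (not from the article). "examp1e-bank.com" is a
# hypothetical lookalike of the hypothetical trusted domain "example-bank.com".
SAMPLE_EMAIL = """\
From: "Example Bank Security" <alerts@examp1e-bank.com>
To: user@example.org
Subject: Unusual sign-in activity
Content-Type: text/html

<p>Please <a href="http://login.examp1e-bank.com/verify">www.example-bank.com/verify</a> to confirm.</p>
"""

TRUSTED_DOMAIN = "example-bank.com"  # the organisation the mail claims to be from

LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registered_domain(host: str) -> str:
    """Crude last-two-labels domain; sufficient for the sample data."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def phishing_indicators(raw: str, trusted_domain: str) -> list[str]:
    """Return the reasons a message looks like deceptive phishing (empty if none)."""
    msg = message_from_string(raw)
    findings = []
    _display_name, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    # Check 1: the From address domain does not belong to the claimed organisation.
    if sender_domain and registered_domain(sender_domain) != trusted_domain:
        findings.append(f"sender domain {sender_domain!r} is not {trusted_domain!r}")
    body = msg.get_payload(decode=True).decode(errors="replace")
    for href, text in LINK_RE.findall(body):
        href_host = urlparse(href).hostname or ""
        # Check 2: the link target is not on the trusted domain.
        if registered_domain(href_host) != trusted_domain:
            findings.append(f"link points to {href_host!r}, not {trusted_domain!r}")
        # Check 3: the visible link text names a different host than the real href.
        shown = re.sub(r"<[^>]+>", "", text).strip()
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname or ""
        if shown_host and registered_domain(shown_host) != registered_domain(href_host):
            findings.append(f"link text shows {shown_host!r} but href goes to {href_host!r}")
    return findings
```

Running `phishing_indicators(SAMPLE_EMAIL, TRUSTED_DOMAIN)` on the constructed message reports all three indicators; a message whose sender, link target and visible link text all agree with the trusted domain returns an empty list.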
2. Spear Phishing
Spear phishing is when emails are tailored to the individual they are targeted at.
The tone and message are personalized to lure the target in. Attackers use details such as name, position, company and work phone number, which are usually available online.
The goal is the same as with deceptive phishing: to entice the user to click on a link and, by doing so, unwittingly give up personal information.
Think about what information is visible on your public LinkedIn or Facebook profile. Hackers will be able to access this information and use it to try and dupe you or others around you.
Social media networks such as LinkedIn are popular for businesses. We welcome familiar emails in our inbox from these organizations and mostly trust what they tell us to do.
If an email arrives that differs from the usual style you receive, or the request is out of the ordinary, it is best to exercise caution and check carefully whether it is genuine.
3. CEO Fraud/Whaling
This highly targeted form of attack relies on gaining some insight into the contact details of the CEO and their style of writing in emails.
The example below shows the supposed CEO telling his colleague to email him rather than speak with him on the phone. This should raise red flags if it’s not something your CEO would normally say.
Also, if they don’t normally email you about financial matters, but they are now, that should be another red flag.
Often a CEO might not undergo security awareness training with the rest of the staff. However, it is important to make sure that all staff, including senior management, undergo training to prevent this from happening.
4. Pharming
Pharming goes beyond trying to trick users into clicking on bait, and instead involves domain name system (DNS) cache poisoning.
Malicious code installed on a computer or DNS server redirects users to a fraudulent website even when they type the correct address.
The best way to prevent this occurring is to use anti-virus software.
You can also detect and prevent breaches by using firewalls to protect and secure your network.
5. Dropbox/Google Docs Phishing
As with other more targeted forms of attack, Dropbox phishing relies on users’ awareness of Dropbox and the trust individuals place in the service.
Similar attacks have been targeted at Google Docs and Google Drive users in the past.
It relies on the user clicking an “important” link in their inbox. This sends them to a fake login page hosted, without the organization’s knowledge, on the genuine site.
When using file-sharing in the workplace, we recommend adopting Two-Factor Authentication (2FA). This adds an additional layer of security and is easy for employees to use once in place.