For IT Services or Phone Systems call now PA: 484.245.0060 | FL: 689.698.7070


 In a world focused on cybersecurity, one indisputable fact is clear: since early 2020, phishing has been the biggest threat to business cybersecurity worldwide. The essential facts about phishing threats will help you focus on the real danger that today’s phishing attacks pose to your business.


90% of incidents that end in a data breach start with a phishing email.

80% of firms have seen an increase in cyberattacks since March 2020.

75% of organizations around the world experienced a phishing attack in 2020.

94% of ransomware and other nasty malware arrives at businesses via email.

65% of organizations faced business email compromise (BEC) attacks.

74% of organizations in the United States experienced a successful phishing attack.

40% of remote workers have made email-handling errors that caused cybersecurity incidents.

More than 80% of reported security incidents are phishing related.

Phishing risk rose by more than 600% in 2020.

A new cyberattack like phishing is launched every 39 seconds.


Google has registered 2,145,013 phishing sites as of Jan 17, 2021. This is up from 1,690,000 on Jan 19, 2020 (up 27% over 12 months).


Approximately 1.5 million new phishing sites are created every month.


In 2020, BEC costs increased rapidly from $54,000 in Q1 2020 to $80,183 in Q2. The average ransomware payment in the third quarter of 2020 was $233,817, up 31% from the second quarter of 2019.


A single spear-phishing attack results in an average loss of $1.6 million.

WHAT IS PHISHING?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

The information is then used to access important accounts and can result in identity theft and financial loss.

WHO FALLS FOR PHISHING?

  

While every business is at risk of a phishing attack every day, some industries are more vulnerable than others. A 2020 user behavior study explored which sectors have employees most likely to interact with a phishing email.


Top 5 Sectors in Which Employees Interact with Phishing Messages

1. Consulting

2. Apparel and Accessories

3. Education

4. Technology

5. Conglomerates/Multinationals


Top 5 Sectors in Which Phishing Leads to Credential Compromise

1. Apparel and Accessories

2. Consulting

3. Securities and commodity exchanges

4. Education

5. Conglomerates/Multinationals

  

An estimated 97% of employees in a wide array of industries are unable to recognize a sophisticated phishing email. So, what are they most likely to do when they receive a phishing message?


1 in 3 employees are likely to click the links inside a phishing email. 

60% of employees opened emails they weren’t sure were safe.

1 in 8 employees are likely to share requested information in a phishing email.

45% of employees never report suspicious emails to IT to review.

41% of employees failed to notice a phishing email because they were tired. 

45% click emails they consider suspicious because they think it might be important.

47% of workers cited distractions as the main cause in failing to notice a phishing email.

COMMON FEATURES OF PHISHING EMAILS.

  • Too Good to Be True - Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim that you have won an iPhone, a lottery, or some other lavish prize. Just don't click on any suspicious emails. Remember that if it seems too good to be true, it probably is!
  • Sense of Urgency - A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it's best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your personal details immediately. Most reliable organizations give ample time before they terminate an account, and they never ask patrons to update personal details over the Internet. When in doubt, visit the source directly rather than clicking a link in an email.
  • Hyperlinks - A link may not be all it appears to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be completely different, or it could be a popular website with a misspelling, for instance www.bankofarnerica.com - the 'm' is actually an 'r' and an 'n', so look carefully.
  • Attachments - If you see an attachment in an email that you weren't expecting or that doesn't make sense, don't open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
  • Unusual Sender - Whether it looks like it's from someone you don't know or someone you do know, if anything seems out of the ordinary, unexpected, out of character or just suspicious in general, don't click on it!

ATTACK PROFILES

One major factor in the phishing boom has been a precipitous increase in the volume of email that businesses are handling. Of course, more email means more phishing, and cybercriminals didn’t waste the opportunity to exploit the stresses of the global pandemic and record volumes of email use to facilitate cybercrime.


Workers handled 72% more emails in 2020 than in 2019.

No two phishing attacks are the same, but they can have similar characteristics. Cybersecurity experts have divided phishing threats into separate categories or profiles to better explain exactly how each scheme gets the dirty work done – and knowing what to look for gives you an edge that enables you to spot and stop phishing before an incident becomes a catastrophe.

ANGLER PHISHING

The Theme

A phishing attack conducted using social media lures, like emails telling the target that they have been tagged in a photo or direct message by a recruiter.


The Goal

Enticing the target to interact with a fake or spoofed login page for the relevant social media site, which the cybercriminals then use to capture the victim’s password. The cybercriminals can then perform an account takeover (ATO) and use the victim’s account for fraud like BEC or snoop for information on the victim’s connections to help them better target sophisticated spear phishing attacks.


The Scam

Angler phishing is a relatively new form of phishing that has risen to prominence over the past decade. The preferred format for a malicious message using this technique is email, but it can also be conducted through messaging. LinkedIn messages are the most effective for cybercriminals, with a 47% open rate. Some examples include:

  • Recruiters are looking at your profile!
  • You appeared in new searches this week!
  • Please add me to your LinkedIn network.
  • A new photo of you has been tagged on Facebook.
  • Someone sent you a direct message on Twitter.
  • See who is looking at your profile!
  • Join my network on LinkedIn!

The Damage

Victims that fall for this scam can have their social media accounts stolen or compromised. They are also at risk of identity theft. The companies that those victims work for should hope that their employees who fall for this scam aren’t among the 60% of workers who use the same password for work and home applications.

BRAND IMPERSONATION

The Theme

A phishing attack that is conducted using carefully crafted or spoofed emails designed to trick the victims into believing they’re legitimate messages from trusted entities. Variations of this scam include impersonating retailers, service providers, government agencies, charities or business partners.


The Goal

To acquire money, credentials, sensitive information or access to financial information from victims.


The Scam

This variety of phishing offers the cybercriminal a wide variety of potential personas. Brand impersonation scams often draw on records from data breaches at the brand or similar entities, acquired in dark web data markets and dumps, as well as on genuine emails from the brand that are then spoofed.


They can include:

  • An alert that you need to login and patch a vulnerability from a software provider.
  • A message asking for address confirmation for a shipment.
  • Fundraising messages from a favorite charity.
  • A routine message asking the target to reset a password at a shopping site.
  • Inquiries from a professional organization that’s updating its records.
  • A survey that promises prizes for filling it out.
  • A notice from the city saying that you’ve underpaid your property tax.
  • New terms and conditions from the phone company that you must click to acknowledge.
  • An email about a special sale at your main supplier.
  • An advertisement from a theme park where you’ve vacationed, offering deals.


The Damage

This devious tactic opens businesses up to BEC, ATO, intrusions, malware, ransomware, data breaches and other nasty incidents. The most imitated brand of 2020 was Microsoft, which made up 45% of all brand impersonation attacks, followed by DHL and Amazon.

BUSINESS EMAIL COMPROMISE

The Theme

A phishing attack that uses fake emails to request payment from a business.


The Goal

Getting businesses to transfer money or provide sensitive financial information under false pretenses.


The Scam

The tricky part of spotting BEC attacks is that they’re carefully crafted to be so believable that they fly right under the radar. They are primarily targeted to ensnare people within an organization who handle matters of payment or can access funds quickly like:

  • Administrative assistants who routinely process payments for small expenses.
  • Executives who can order bills to be paid without oversight.
  • Clerks who make vendor payments.
  • Budget controllers who pay for recurring services.
  • Accounting personnel who regularly renew licenses or pay government fees.
  • Associates who regularly wire money to other companies.
  • Any employee who has access to spend or transfer funds.


The Damage

BEC enables cybercriminals to get paid directly and capture financial information like banking accounts and executive credit card numbers to facilitate fraud and other financial damage.

RANSOMWARE/MALWARE

The Theme

A phishing attack that packs a punch by delivering a nasty software surprise.


The Goal

To infect computers with malicious software that enables cybercriminals to encrypt systems and data, making them inaccessible without a “key” obtained from the bad actors that did the deed.


The Scam

Malware and ransomware are weapons that can be wielded by cybercriminals against business, infrastructure, private and public sector targets. 


Some common ways malware and ransomware are used include:

  • Taking control of manufacturing, production, or industrial equipment.
  • Secretly copying data to a server controlled by cybercriminals.
  • Installing payment skimmers to steal credit card numbers or divert online payment funds.
  • Encrypting systems and data to disable operations and demanding a payment for the key.
  • Snatching up important data like medical research, schematics, records, formulas or databases.
  • Stealing sensitive data and threatening to release it on the dark web without a ransom payment.
  • Shutting down internet-enabled systems, from transportation systems to IoT devices.
  • Enabling hacking and intrusion by nation-state actors.


The Damage

Malware and ransomware are the most dangerous results of phishing and can destroy infrastructure, harm research and development efforts, shut down production lines, drive a business into bankruptcy, facilitate espionage and terrorism, or even be used as a weapon of war.

SPEAR-PHISHING

The Theme

A phishing attack featuring personalized details in the lure that add believability to increase the likelihood that the recipient will take the bait.


The Goal

To lure unwary recipients into taking an action that compromises their credentials, obtains sensitive information or deploys malware (including ransomware).


The Scam

Cybercriminals use personalized information about their targets to craft emails that seem legitimate, often powered by information obtained from dark web markets and data dumps. 


These lures can include:

  • Emails from the recipient’s alma mater asking for updated address information.
  • A message advising the victim to reset their password at a social media site.
  • Free downloads from organizations to which the recipient belongs.
  • Requests for donations from charities that are in the recipient’s sphere.
  • Fake political emails from candidates or parties.
  • Attachments like brochures or notices from trusted sources like a government agency.
  • Spoofed messages from the recipient’s regular service providers, suppliers or other vendors.


The Damage

Spear-phishing is growing increasingly more dangerous as the amount of data available to cybercriminals allows them to create better bait. It is commonly used to capture credentials, steal information, cause a data breach, or deploy malware and ransomware.

WHALING/CEO FRAUD

The Theme

Whaling is a highly specialized spear-phishing attack that is crafted to perfectly imitate a company executive, or alternately, to fool a company executive into thinking that the message is from a trusted source.


The Goal

To lure an employee into performing an action like giving out a privileged credential, supplying sensitive information or transferring money without asking questions out of a desire to please the boss. Alternately, cybercriminals use this technique to convince executives that they are a trustworthy business associate who is owed money or is privy to proprietary data.


The Scam

Highly specific lures are crafted using personalized information about the target gathered from publicly available sources, harvested from social media sites and obtained from dark web markets and data dumps. Sometimes the cybercriminals will spoof legitimate messages or leverage a legitimate email account gained through BEC. 


These lures can include:

  • Emails from the recipient’s bank, credit card company or a similar source.
  • Invoices from contractors or freelancers.
  • Updates from a software vendor.
  • Charitable donation requests.
  • Fake political emails from candidates or parties.
  • Attachments like brochures or notices from trusted sources like a government agency.
  • Spoofed messages from the recipient’s regular service providers, suppliers or other vendors.


The Damage

Whaling and CEO fraud aren’t the most frequently conducted types of phishing because each operation requires extensive research and a high level of skill in crafting and delivery. Bad actors will frequently use brand impersonation in these attacks and usually favor posing as Zoom, Amazon and DHL.

WE HAVE THE SOLUTION – AFFORDABLE, AUTOMATED, ANTI-PHISHING SECURITY

The FBI’s IC3 report confirmed that phishing attacks are at their highest level in four years – and that number is only going up. Whether they’re stealing credentials or deploying ransomware, one thing that all forms of phishing have in common is that they require human interaction to work. That means the best way to prevent employees from clicking on a phishing email is to prevent them from ever receiving it.


That’s where T3 Technologies’ Anti-Phishing Security Powered by Graphus comes in. As an AI-powered automated sentinel against phishing, this innovative solution provides businesses with three overlapping layers of smart protection based on a patented algorithm that spots and stops phishing email without disrupting your flow of communication.


1. TrustGraph uses more than 50 points of comparison to determine the legitimacy of every incoming message.

2. EmployeeShield warns employees if a message from a new contact seems unusual, placing a warning banner at the top that enables them to mark it as safe or report it as phishing easily.

3. Phish911 adds everyone to the cybersecurity team by empowering employees to reject suspicious messages with just one click, immediately quarantining them for all recipients pending inspection by the T3 Technologies IT team.

BIG BENEFITS FOR A SMALL PRICE

T3 Technologies’ Anti-Phishing Security Powered by Graphus takes care of many routine activities, freeing up your employees to focus on complicated tasks that require human ingenuity. This always-on guardian never takes a day off, continually providing your business with useful benefits that enhance your cybercrime protection at a great price.


Reducing your organization’s phishing risk has never been more important, and we make it easy. Put T3 Technologies’ Anti-Phishing Security Powered by Graphus to work for your business to gain strong protection against today’s biggest threats and peace of mind – because it’s time to stop worrying about phishing and start worrying about more important things like growing your business.


Ⓒ T3 Technologies | All Rights Reserved. 
