Phishing scams: How to beat the Hackers
You’ve heard it all before: ‘Be careful which links you click on’, ‘don’t download anything from an unapproved source’, ‘don’t open any dubious emails’, and so on and so forth. We’ve been warned about scammers, hackers and their ilk for a while now, but unfortunately, people still seem to be falling for the same tricks time and time again.
It’s nothing to be ashamed of; even the best get scammed every now and then. Case in point: it’s now suspected that the recent Yahoo breaches were actually initiated via a phishing email sent by Russian hackers… who aren’t so much ‘phishing’ anymore as they are throwing dynamite into the river and scooping up whatever floats to the top.
Nevertheless, the point stands that experts and professionals are still falling for the same tricks as the rest of us. Hackers are getting smarter and their tactics are more devious than ever, so what can we do to turn the tide of this battle and send the scammers on their way?
What is a Phishing scam and how do I spot one?
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, or to embed malicious software on your network.
- Are you expecting the email?
The first thing for me is to identify whether you’re expecting the email. This is the first reason I feel that people fall foul of these scams. Too often you see emails from Parcel Force, Royal Mail, DHL etc. explaining that a parcel is waiting to be delivered. All you have to do is click on the link attached, create a login or log in with your existing details, and you can re-arrange the delivery. This is the one that gets most people. Curiosity gets the better of them and the link is launched. You’ve been directed to the spoof site and the damage is done. The key thing to remember is ‘are you expecting a parcel?’ If you’ve not ordered anything or you’re not expecting a parcel, the chances of you requiring such an email are slim.
- Check the email address.
So many emails appear genuine at face value, and these Phishing emails are looking more and more genuine, but the one tell-tale sign is the sender’s email address. Yes, it may show in your Inbox as “eBay”, “PayPal” or “Halifax Customer Services”. However, when you look at the preview panel in your email application, the email address clearly shows as something different. I’ve seen these be as poor as firstname.lastname@example.org through to CustomerServicesPaypal@paypal.pay.co.uk.
It’s obvious the first hasn’t come from the expected address; however, the second does end up fooling some people. It has the company name included in the address, but the additional .pay.co.uk identifies it as not genuine. Again, be vigilant and check the sender’s details.
- Embedded Links in the body.
Does the email have a link to a redirected web page? Is the email trying to send you to another site? It’s very simple to add a link into an email that reads www.microsoft.com but doesn’t take you to that specific page. Hover your mouse cursor over the link (don’t click anything) and the true path of where this link is taking you is displayed. This will show as a small black and white link that displays the true intended destination, for example, email@example.com. The scary thing about these types of links is that they can direct you to a page that actually looks like the intended destination but is built with malicious links and code.
- Poor Spelling and Grammar
Check for spelling mistakes and misuse of the English language. Many Phishing threats do come from abroad and, in some cases, translation applications are used to go from the host language to English. This can be a tell-tale sign that the sender is not genuine, as reputable companies will proofread and spell check information and documents before they go out. I appreciate that the odd typo does happen and these mistakes aren’t definitive signs of Phishing, but more obvious signs of broken English should set off alarm bells.
- Internal Staff Emailing
This is a common Phishing email scam that most people can be caught out by. Picture the situation: It’s late on a Friday and you receive an email from your MD or FD asking for a document to be sent or an invoice to be paid stating “It’s OK to process this no need to check with anyone else.” We’ve seen this happen on numerous occasions and seen people get caught out by it. In one instance the MD was sat opposite the employee who rightly asked: “Are you sure about this!?” and the scam was avoided.
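The sender-address and embedded-link checks described above can be automated. The following is an added example, not code from the original article: it flags a From header that names a brand but uses a domain outside that brand's real one, and links whose visible text names a different host from the one the link goes to. The `BRAND_DOMAINS` allowlist, the function names and the sample values are assumptions made for illustration.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: brand name -> the domain that brand really sends mail from.
BRAND_DOMAINS = {"paypal": "paypal.com", "ebay": "ebay.com"}
# Constructed sample values, not taken from a real email.
SAMPLE_FROM = "PayPal <CustomerServicesPaypal@paypal.pay.co.uk>"
SAMPLE_HTML = '<a href="http://login.example.net/ms">www.microsoft.com</a>'

def sender_mismatch(from_header):
    """Brand named in the From header that the sending domain does not belong to."""
    display, addr = parseaddr(from_header)
    host = addr.rpartition("@")[2].lower()
    for brand, domain in BRAND_DOMAINS.items():
        genuine = host == domain or host.endswith("." + domain)
        if brand in (display + addr).lower() and not genuine:
            return brand
    return None

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href:
            self.links.append((self.text.strip(), self.href))
            self.href = None

def host_of(value):
    """Hostname of a URL or bare host name; None if it cannot be parsed."""
    try:
        return urlparse(value if "//" in value else "//" + value).hostname
    except ValueError:
        return None

def link_mismatches(html):
    """(shown host, real host) pairs where the link text names another host."""
    parser = LinkCollector()
    parser.feed(html)
    return [(shown, real) for text, href in parser.links
            if (shown := host_of(text)) and (real := host_of(href))
            and "." in shown and " " not in shown and shown != real]
```

The domain test compares the end of the host name, so `paypal.pay.co.uk` and `paypal.com.example.net` are both flagged while `mail.paypal.com` is not.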
How do I stop them and what do I do if I’ve been caught out?
Don’t worry, you’re not the first and you certainly won’t be the last. These kinds of scams are getting better and some of the finest minds in Tech fall prey to them every day, but that doesn’t mean you have to give up. It’s time to fight back and arm yourself against the scammers.
The first thing that best protects your business is Education. You can put all the security in the world in place to protect your company data, but if your staff are not educated on what to look out for then it can still happen to you. Regularly inform your staff of these threats and make sure they are aware that they happen. If anyone in the workplace spots one of these types of scams, advise them to share their knowledge. The more often people hear about or see these scams, the greater their awareness and the lower the risk.
- Sender Policy Framework (SPF Filters)
This is a simple email validation system designed to detect email spoofing. Essentially, the filter checks that an incoming email comes from an email server registered by the sender. If the “Spoof Email” is not sent from a validated server then it will not be delivered. It is a simple method to prevent the threat of phishing scams.
- Antivirus Software
There are many antivirus solutions on the market; some are free, but to be honest these don’t offer much protection. Make sure you install and regularly update your Anti-Virus Solution; the big Antivirus protection companies are regularly writing new versions and patches for their software to combat the new daily threats. Make sure you have these applied to all your devices: servers, workstations and mobile devices. The more up to date you can keep your software, the better protected your system will be to stop the Phishing threat from running.
- Ransomware Software
Some leading AV vendors have released Ransomware protection software. The end result of the Phishing Threat is to get the unknown software running on your systems. This latest Ransomware protection software can stop the malware from running, roll back the threat and reduce the risk of further threats.
- Training Sessions
Phishing threat awareness software is now available for internal testing of your staff’s awareness. This software can be set up to send ‘cloned’ Phishing threats to your staff (of course with no actual threat attached!). You can create these to replicate the above risks, and the software gives you reports back on your staff’s knowledge and who/how many have actually clicked on the threat. It will then present them with effective training aids and courses for your staff to take for your peace of mind.
- Just Ask
If you think something doesn’t look genuine, you’ve been asked for personal details, asked to pay something and you’re not sure it’s true, ask someone else. Have they received it, did they send it? Do they think it’s a scam? It’s better to spend 10 minutes questioning than a day recovering.
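The SPF check described under “Sender Policy Framework” above, as an added example that is not code from the original article: a simplified evaluator that handles only the `ip4`, `ip6` and `all` mechanisms, run against constructed records that use documentation address ranges. It shows that the outcome depends on the `all` qualifier the sending domain publishes (`-all` gives fail, `~all` only softfail); the mapping in `receiver_action` is an assumed local policy, and SPF itself is evaluated against the envelope sender rather than the visible From header.

```python
import ipaddress

# Constructed SPF records for a hypothetical sender (documentation IP ranges).
STRICT = "v=spf1 ip4:203.0.113.0/24 ip6:2001:db8::/32 -all"
SOFT = "v=spf1 ip4:203.0.113.0/24 ~all"

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(record, client_ip):
    """Evaluate terms left to right; the first matching mechanism decides."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no SPF policy published
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier, mech = ("+", term)
        if term[0] in QUALIFIERS:
            qualifier, mech = term[0], term[1:]
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        elif "=" not in name:
            return "unsupported"           # include, a, mx, ... need DNS lookups
    return "neutral"                       # nothing matched and no "all" term

def receiver_action(result):
    """Assumed local policy: what a receiving server does with each result."""
    return {"fail": "reject", "softfail": "quarantine"}.get(result, "accept")
```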
For more information on Phishing Scams or to talk to an expert about protecting your business from cyber-criminals, call us on 01733 297100 or email firstname.lastname@example.org.