92% of attacks start with a phishing email, a figure that is not falling despite the technical measures deployed and the awareness campaigns run. So why does this type of attack keep succeeding?
Phishing emails are increasingly sophisticated and slip past email filters more and more often. Hackers keep refining their techniques in order to hide from users and fool them. However, many of these emails follow the same pattern and share similar characteristics.
Phishing: The Clues That Never Deceive
Hackers take care to conceal any trace that would reveal the email is not genuine. A thorough examination is therefore necessary:
- Be wary of the subject line: if it is threatening or very insistent, it is better not to open the email and not to click.
- Verify the sender’s email address: the email domain must match the brand’s, with no extra characters.
- Check whether the email is personalized with a first name or completely impersonal.
- Before clicking, hover the cursor over the link to see its real destination. A phishing link is often long and contains many special characters.
- Typing the brand’s address directly into the browser reaches the site without having to click the link at all.
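The clues above can be turned into a simple triage script. The following is an added example, not code from the original article: it parses a raw email with Python's standard library and reports the warning signs listed above (insistent subject, sender domain that does not match the brand in the display name, impersonal greeting, long links with many special characters). The two sample messages, the brand-to-domain table, the urgency word list and the length and special-character thresholds are all constructed assumptions for illustration; a real mail filter combines many more signals than these.

```python
"""Heuristic phishing triage based on the clues listed in the article.

Added example. The sample messages, KNOWN_BRAND_DOMAINS, URGENCY_WORDS and the
numeric thresholds are constructed assumptions, not values from the article.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed mapping of brand display names to the domains they legitimately use.
KNOWN_BRAND_DOMAINS = {
    "contoso bank": {"contoso.example"},
}

# Subject wording that signals pressure: the "threatening or insistent" clue.
URGENCY_WORDS = ("urgent", "immediately", "suspended", "final notice", "expire")

# Greetings with no first name: the "completely impersonal" clue.
IMPERSONAL_GREETING = re.compile(
    r"^\s*(dear|hello|hi)\s+(customer|user|member|client)\b", re.I | re.M
)

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed phishing sample: pressure in the subject, look-alike sender
# domain, generic greeting and a long, parameter-heavy link.
SAMPLE_PHISH = """\
From: Contoso Bank <alerts@contoso-secure-login.example>
To: employee@victim.example
Subject: URGENT: your account will be suspended
Content-Type: text/plain; charset=utf-8

Dear customer,

Unusual activity was detected. Confirm your identity immediately:
https://contoso-secure-login.example/auth/verify?id=8f3a%2Fx&token=a1b2c3d4e5f6g7h8&redirect=%2Fhome%3Fsession%3Dexpired#open

Contoso Bank Security Team
"""

# Constructed legitimate sample for contrast.
SAMPLE_LEGIT = """\
From: Contoso Bank <notifications@contoso.example>
To: employee@victim.example
Subject: Your March statement is available
Content-Type: text/plain; charset=utf-8

Hello Alice,

Your statement is ready in online banking: https://www.contoso.example/statements

Contoso Bank
"""


def registered_domain(host: str) -> str:
    """Reduce a hostname to its last two labels: 'login.contoso.example' -> 'contoso.example'."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def text_body(msg) -> str:
    """Return the first text/plain part of the message, decoded to str."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    for part in parts:
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            return payload.decode(part.get_content_charset() or "utf-8", errors="replace")
    return ""


def link_flags(url: str, sender_domain: str) -> list[str]:
    """Apply the hover-over-the-link clues to a single URL."""
    reasons = []
    host = urlparse(url).hostname or ""
    if registered_domain(host) != sender_domain:
        reasons.append(f"link host {host!r} does not match sender domain {sender_domain!r}")
    if len(url) > 80:  # assumed threshold
        reasons.append(f"link is unusually long ({len(url)} chars)")
    specials = sum(url.count(c) for c in "%@#?=&~-_")
    if specials > 10:  # assumed threshold
        reasons.append(f"link contains many special characters ({specials})")
    return reasons


def triage_email(raw: str) -> list[str]:
    """Return human-readable warning flags for a raw RFC 822 message (empty list if none)."""
    msg = message_from_string(raw)
    flags = []

    subject = (msg.get("Subject") or "").lower()
    if any(word in subject for word in URGENCY_WORDS):
        flags.append("subject uses threatening or insistent wording")

    display_name, address = parseaddr(msg.get("From") or "")
    sender_domain = registered_domain(address.split("@")[-1]) if "@" in address else ""
    expected = KNOWN_BRAND_DOMAINS.get(display_name.lower().strip())
    if expected and sender_domain not in expected:
        flags.append(f"display name {display_name!r} but sender domain is {sender_domain!r}")

    body = text_body(msg)
    if IMPERSONAL_GREETING.search(body):
        flags.append("greeting is impersonal (no first name)")

    for url in URL_RE.findall(body):
        flags.extend(link_flags(url, sender_domain))
    return flags


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, triage_email(sample) or ["no flags"])
```

Note that the link-host check compares against the sender's own domain, so a look-alike domain that is used consistently in both the From address and the link passes that one check; the display-name check against the known brand domain is what catches it, which is why the two clues are stronger together than apart.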
The Top 3 Most Frequent Scams
1. The Invoice Scam
The invoice scam consists of impersonating a colleague, a brand or a supplier, then sending an email in their name to the targeted user. The email contains an attachment presented as a large invoice but, above all, a link to a phishing page inviting the recipient to log in and pay the requested amount. It also happens that opening the attachment starts downloading malware or ransomware.
We receive security alerts every day from software or application vendors. Most often, these notifications explain that suspicious activity has been detected on an account, that someone has logged into an account from an unknown device, or that a password will expire soon.
These fake alerts imitate banks, cloud services and email providers. Hackers take steps to make their phishing emails look like real alerts. Thus the user, believing the threat is real, clicks the link and logs into their account, thinking they are resolving the (false) problem. The objective of these attacks: to get the recipient to act quickly.
2. Payment Method Update Scam
In a payment method update scam, the recipient is informed of a payment error, or that their bank card has expired or is about to expire. They are therefore asked to log into their account in order to update the card. For some attacks, hackers take the time to study the company and target an employee who is responsible for keeping accounts up to date.
Any disruption in service can lead to loss of revenue, IT shutdown and even loss of customers if such interruptions occur regularly. This technique is therefore very effective because it pushes recipients to act on instinct.
A shared files attack consists of sending a fake SharePoint or OneDrive notification along with a phishing link that supposedly lets the recipient view the shared document. In most cases, hackers spoof the email address of someone the recipient knows (a colleague or business partner). In the most sophisticated attacks, hackers generate genuine SharePoint and OneDrive notifications through Office 365; some go as far as sending those notifications from compromised Office 365 accounts. This type of attack has become very widespread in recent years, as companies increasingly rely on file hosting services.
3. Voicemail Scam
In the case of a voicemail scam, the email is often quite short since it only informs the user that a new message has been received. Usually, the email comes from a spoofed address in order to be similar to legitimate alerts from services like Office 365.
The recipient is then invited to connect to their Office 365 account via a link to be able to listen to their message. The voicemail message can also take the form of an attachment including a phishing link. This type of scam also allows ransomware to be downloaded when opening the attachment or when the user agrees to enable macros in the document.
Phishing has been used for decades. It has never stopped evolving and remains today one of the main methods used by attackers to penetrate corporate systems or steal sensitive information.
To do so, impersonating well-known brands is one of their great classics for deceiving users through the various techniques listed in this article. Technology has advanced a great deal, and increasingly advanced techniques based on artificial intelligence are being used.
It is the user who plays the essential role in the fight against phishing; it is therefore essential to give them the keys to understand and detect it.