TL;DR
- Check the sender of the email.
- Check URL of the link you need to click.
Attackers are being forced to become sneakier and more sophisticated as information security, #infosec, awareness grow. Companies are forced to strengthen their networks to combat the ever-changing infosec landscape. Sometimes you may have all the necessary checks in place to keep your company secure but all it takes is one click to compromise your network.
It is a well-known fact that the weakest link in any security system are people. It could range from a number of things such as uneducated users, social engineering or maybe even a simple mistake. We have found that when you teach your people how to identify and assess the risks, you are one step closer to maintain your security and privacy.
What is a phishing attack?
Email is one of the platforms most commonly used by all people today. Whether you like it or not, it will be leveraged and exploited to gain access to the network.
A phishing attack does exactly this. A well-designed email that entices the user to click a link which then may launch an attack immediately or request user details to complete the attack. I just received one such mail today, and whilst not totally convincing it does have some merit.
The link to “Listen to Voice Content” is very appealing. What could it be, who was calling me, maybe it’s a sale, maybe I won something, I must click and listen. I can even see that there is a ‘customer service’ link and alongside a Microsoft and Office 365 logo.
This has to be legit, right?
After clicking the link, you would be redirected to a site that tries a number of browser exploits to gain further access to your machine. You may be requested to log in using company credentials which will then immediately be used to hack your account, lock you out of the system or gain wider access to your companies sensitive files.
The solution.
So how does one spot the phishing attack you may ask, as it is the title of this blog.
Step 1. Review the sender.
If the sender is unknown or not someone you know, that’s a dead giveaway.
In this case, a masked email which has nothing to do with Microsoft.com
Step 2. Hover over the links and review the URL you are being directed too.
In this case, this URL doesn’t match the sender or anything Microsoft or Office 365. This is a dead giveaway of its legitimacy.
The best course of action is to simply delete the email. There is no voicemail, just an attacker waiting to steal your data and infiltrate your company network to monetize it via ransomware or data breach cash days.
There you have it, a quick and easy way to spot a phishing attack email. While this may seem like trivial information and everyone should know this, you should never assume this when it comes to your security. You would much rather be safe than sorry. The last thing you would want to do is pay $5000+ to get your files back.