Connect with us

Hi, what are you looking for?

HEADLINES

Protecting yourself from new email phishing scams

As email continues to dominate business communications both internally and externally, it remains to be the most common entry point for cyberattacks – sneaking malware and exploits into the network, and credentials and sensitive data out.

Sophos, a global player in next-generation cybersecurity, warns against the emergence of new email phishing scams. 

As email continues to dominate business communications both internally and externally, it remains to be the most common entry point for cyberattacks – sneaking malware and exploits into the network, and credentials and sensitive data out.

The latest data from SophosLabs shows that in September 2020, 97% of the malicious spam caught by its spam traps were phishing emails, hunting for credentials or other information. The remaining 3% was a mixed bag of messages carrying links to malicious websites or with booby-trapped attachments, variously hoping to install backdoors, remote access trojans (RATs), information stealer or exploits or to download other malicious files.

Phishing remains a frighteningly effective tactic for attackers, as operators behind them continue to refine their skills and enhance the sophistication of their campaigns.

Sophos noted two recent examples on the rise: 

Business Email Compromise (BEC): No longer confined to poorly spelled or formatted messages pretending to come from the CEO and demanding the immediate and confidential transfer of significant funds, the latest iterations are subtler and smarter. The attackers are doing their groundwork before launching the attack. They get to know the business and the target executives, adopting their language style and tone, and sometimes even actual email accounts. The absence of malicious links or attachments in such emails make them difficult to detect with traditional security tools.

Advertisement. Scroll to continue reading.

Phishing emails without links: these phishing emails bring cloned websites as HTML attachments. The attachment would simply open up the enclosed web page in the comparative safety of victims’ browser’s sandbox and ask them to unwittingly fill-up forms that will send off their data to websites controlled by criminals. Email passwords are among the most valuable credentials for crooks to acquire, simply because many people use their email account for password resets on a multitude of other accounts.

The good news is that there’s no need to learn a whole new set of precautions against these new phishing scams. To protect yourself,  Sophos recommends the following: 

  • Avoid HTM or HTML attachments altogether unless they’re from someone you know and you are expecting themAvoid logging in on web pages that you arrived at from an email. If it’s a service you already know how to use – whether it’s your email, your banking site, your blog pages or a social media account – learn how to reach the login page directly. If you always find your own way to your account login pages, you’ll never be tempted by fakes.
  • Turn on two-factor authentication if you can. Two-factor authentication means that you need a one-time login code, usually texted to your phone or generated by a special app, that changes every time. 2FA doesn’t guarantee to keep the crooks out, but it makes your password alone much less useful to them if they do manage to phish it.
  • Change passwords at once if you think you just got phished. The sooner you change your current password after putting it into a site you subsequently suspect, the less time the crooks have to try it out. Similarly, if you get as far as a “pay page” where you enter payment card data and then realise it’s a scam, call your bank’s fraud reporting number at once. (Look on the back of your actual card so you get the right phone number.)
  • Use a web filter. A good anti-virus solution won’t just scan incoming content to stop bad stuff such as malware getting in, but will also check outbound web requests to stop good stuff such as passwords getting out. Even in “clickless” attacks, the password exfiltration relies on an outgoing web connection that a web filter could block.

Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The combination of Sophos Intercept X with Snapdragon compute platforms will provide users next-generation security through an always on, always connected PC environment.

HEADLINES

Providing a sense of security for its subscribers has pushed Converge to also provide quick access to online support while raising awareness through online...

HEADLINES

Poll shows how people are managing the pandemic as we approach the one-year anniversary of the start of large-scale quarantines that forced millions of...

HEADLINES

The Philippines slipped two notches down from its previous ranking in the latest top 10 global list of countries with the most web-borne threats...

HEADLINES

bluedog was launched two years ago to make professional cybersecurity services accessible to a wider audience – including businesses in Asia and smaller firms...

HEADLINES

The remote setup had employees bringing home their workstations, taking devices out of the protection of cybersecurity systems found inside offices and leaving them...

HEADLINES

Last spring, more than 1 billion schoolchildren around the globe were affected by school closures as countries attempted to slow rising infection rates. For...

HEADLINES

The multibillion-peso investment has enabled the two companies to block 3,020 domains that host illicit materials featuring children as mandated by the National Telecommunications...

Advertisement