What is Phising? Stay informed

Phishing is a cyber-attack method used by cybercriminals. Most of the time, attacks are untargeted; However, targeted cyberattacks against businesses and their employees are becoming more commonplace. The basic aim of phishing is to trick users into believing they’re communicating with a trusted source and to engage with them. The Basics Phishing can come in many forms: from the most basic to sophisticated cloned websites and phone number spoofing that provide a false sense of security. Therefore, any engagement involving personal information should be scrutinised at all times. The most common; basic form of phishing attacks are usually in email format. These emails aim to convince the recipient to enter (or confirm) personal information and/or download malware. The nature of email means that the list of potential targets is very high. Emails are sent quickly and en masse to millions and if undetected can blend in alongside legitimate email. As with any spam, the vast majority of Phishing emails will wind up in a spam folder or blocked before even coming close to your mailbox. However, due to the sheer volume of emails sent, a small percentage will make it through and an email will arrive in your inbox. That’s why it’s always important to double-check any website addresses or email headers. Always keep your wits about yourself when it comes to passwords and sensitive data. Deploying software updates promptly could have prevented some of the biggest cyberattacks. The malware contained within phishing emails can be very destructive to your device. At the start of 2017, the NHS suffered a cyberattack it was vastly unprepared for. This attack used a type of malware called Ransomware, specifically WannaCry. Which infected devices across the NHS, hindering staff’s ability to access patient records and carry out normal operations. If it wasn’t for the swift actions of an independent security researcher, the NHS’ ability to help critically ill patients would have been severely diminished and potentially held to ransom by cybercriminals. Although not a targeted phishing incident, malware like WannaCry is mostly distributed through phishing. At Vyper Networks we suggest preventing phishing attacks through a Swiss-cheese type model. This model works by assuming that no single layer of protection can cover everything. Combining multiple layers of technical security measures, a system has better protection. Identify Malicious Messages When considering phishing attacks, it’s important to be able to correctly identify a phishing attempt, this helps to stop the attacker in their tracks and prevent any negative effects. Knowing this will help you identify a phishing message before you’re “on the hook”. For example, cybercriminals engaged in Phishing attacks tend to use language that infers a sense of urgency.

For more information on What is Phising? Stay informed talk to Vyper Networks Limited