Image courtesy: kaspersky.com
When you think of Newfoundland & Labrador, fishing may come to mind, and why not? It’s what the province was founded on when the first settlers discovered our rocky shores - intrepid fishermen, baiting their lines and casting their nets. Fast forward 500 years and a new form of baiting – called phishing - is on the rise and the financial implications are huge.
Phishing is a cybercrime in which targets are contacted by email, telephone or text message by someone posing as a legitimate business to lure the target into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords The information is then used to access important accounts and can result in identity theft, financial loss and more.
Despite being one of the oldest scams on the internet, phishing continues to be a significant problem for both individuals and organizations. In fact, numbers seem to be on the rise, as Anti-Phishing Working Group saw a constant stream of phishing reports and confirmed attack sites in the first half of 2017.
How does a phishing scam work?
The nature of phishing attacks is always changing. Phishing emails – appearing to come from genuine sources – often instruct the recipient to visit a bogus web page where they are asked to disclose their log-in credentials. Alternatively, they may be invited to open a malware-infested attachment, or click on a link to visit a genuine webpage that has had its vulnerabilities exploited and harbors malware. Phishing is not limited to email, though. Text/SMS and phone scams exist, too, though they’re often easier to spot. For the purpose of this post, we’re going to focus on phishing emails.
Why do they work?
Phishing is popular among cyber attackers because it is easier to trick someone into clicking on links or downloading attachments than trying to break into their system defenses.
It works because they appeal to emotions. It promises great deals or alerts you that there may be a problem with an account, preying on your excitement, curiosity or fear.
What do I look for? How do I spot one?
By their very nature, phishing scams are designed to look like they’re from reputable, familiar companies. Recently, huge companies such as Netflix, Amazon and Dropbox have all been an unknowing target by scammers. Look at the example below claiming to be an email from online retailer Amazon.com:
Image courtesy: InfoSec Institute
At a glance, it seems legitimate – the logo looks right, the font and layout are more or less correct - but look a little deeper and you’ll see some immediate red flags. First, look at the Sender field highlighted in red. It shows up as Amazon but the actual email address is firstname.lastname@example.org (note the ‘A’ missing in Amazon). This is totally wrong as almost all emails coming from a legitimate company will come from their domain, ie. Amazon.com.
The second box flagged shows a generic, non-personalized greeting. Again, almost always, legitimate companies will use merge field to use your first name.
The third box is the real bait and this is where the danger lies. The link purports to link back to Amazon however a mouse hover over the link shows where the user will actually go if they click the link. This redirection is the essence of any phishing campaign and will likely link to a page that is designed to look like an Amazon page, but isn’t.
Spot anything else? Notice that the word “believe” in the first line of text is spelled incorrectly. Bad spelling and poor grammar are tell-tale signs that something is wrong. Finally, notice the last line of text in the body? It’s a threat. The phisher has threatened that if action by the recipient isn’t taken – there’s that fear component – the account will be terminated.
So what can I do?
Simply put, stay vigilant. If you get an email that looks suspicious, here are a few things to check for:
- Check that the email address and the sender name match.
- Check if the email is authenticated. (Gmail customers only)
- Hover over any links before you click on them. If the URL of the link doesn't match the description of the link, it might be leading you to a phishing site.
- Check the message headers to make sure the "from" header isn't showing an incorrect name.
When in doubt, report it to the Canadian Anti-Fraud Centre or the institution that it appears to be from.
If you received one of these suspicious e-mails and you unwittingly provided personal information or financial information, follow these steps:
Step 1 - Contact your bank/financial institution or credit card company
Step 2 - Contact your credit bureau and have fraud alerts placed on your credit reports:
- Equifax Canada - Toll free: 1-800-465-7166
- TransUnion Canada - Toll free: 1-877-525-3823
Step 3 - Contact your local police
If you have any questions about phishing or other types of cyber attacks, or if you would like to discuss potential coverage options to further protect your business, contact Wedgwood Insurance Limited today.