What is email phishing?
Email phishing is one of the biggest digital threats of the 21st century.
Simply put, a phishing event is when someone attempts to get sensitive information by pretending to be someone or something trustworthy through email. Often, phishing attacks come in via email in form of bulk messages from trusted sources.
Most of us see these all the time.
The most effective way to quickly and affordably stop phishing is to implement an advanced cloud based email-security system, like ContentCatcher.
Some of the potential sources of phishing that we might see include:
- Banks
- Credit card companies
- Insurance providers
- Email providers
- Spoofed emails of co-workers
- Healthcare Organizations
Forms of email phishing
There are multiple forms of email phishing.
Spear phishing – Unlike standard phishing which goes out to a broad audience hoping that some, spear phishing is about the individual receiving an email. Often, it’s your membership in a club or as a customer of a specific company.
Business Email Compromise – Also known as “The Man in the Email” attacks. There are many variations but what it commonly refers to is when an attacker spoofs a business executive or a creditor.
They will then in many cases do some research and send targeted emails to people in the accounts payable department. The end goal of these attacks is a wire transfer to a fraudulent account, which can never be recovered.
Clone phishing – This is where a recipient has received a legitimate email that had legitimate attachments or links. An attacker will then clone that email, insert a malicious attachment or link, and resend the email to the same recipient using a spoofed address of the original sender. They often will do it under the guise of a resend or an update.
Whaling – These are messages aimed specifically at a company’s upper management (catching the big guys, which is where the term whaling comes from). Very often, attacks are written as a legal subpoena, customer complaint, or executive issue. It asks the recipient to respond somehow, to act, and it will be that action that will make them fall victim. This is especially problematic as the user’s name has power and their computer has privileges meaning their PC likely has access to the company’s most sensitive data.
The main goals of most phishing attempts is to gain access to steal money through and passwords to bank accounts, and personal information like social security numbers.
How to Protect your business from email phishing
Here are five ways to avoid phishing scams. There are both technology-based solutions that revolve around increasing your email security posture and behavioral which focus on user actions.
Security Awareness Training
Train Users with Security Awareness Training – As you can see from the examples of phishing above, the one common denominator is that someone opened an email or clicked a link, or downloaded a document from a source that they couldn’t be certain was legitimate. Human error is by far the number one way that someone gets hacked and that data is stolen. In fact, direct hacks are extremely rare and exceedingly difficult, whereas the Dark Web is full of malicious software that you can use to attack someone’s systems.
User training is a concerted effort to teach everyone in a company what is legitimate and what isn’t. Using real examples, a person learns to spot possible problems before they even open an email. For example, seeing your own email address in your inbox is an automatic no-go. People can learn to avoid these traps and that can save companies billions of dollars and a great deal of embarrassment. We recommend a free phishing test by KnowBe4.
Attachments
Detonate attachments – Because attachments are the top delivery method of ransomware, malware and things like fake purchase orders, it’s vital to know what they contain before they are available to be opened by users on the network. System emulation in ContentCatcher attachment defense opens all unknown email attachments to see what they do before delivery. The system operates completely autonomously and users will never notice that attachment defense is in place.
URL Scanning
Scans URLs dynamically – The second most popular way to deliver an attack by email is to include a link to a malicious site. In the few seconds, it takes for someone to click off of the site, malicious code can be inserted into the computer and thus onto the network. By dynamically scanning all links in email, ContentCatcher URL defense will block these threats before they can cause any damage.
A URL scanning system will process an email before delivery to the end user and scan each of the URLs in the email. Once those have been scanned the system will deliver the email. Any emails containing malicious websites will be flagged and removed from the email. Links will also be scanned again dynamically when they are clicked within emails.
Check email domains
Check email domains – Spoofing of email addresses containing your domain is a very common threat. With the exception of marketing emails, there are few reasons you should ever receive emails with your domain from the internet. All internally sent emails should never tough the internet. Anti-spoofing built into your email security solution looks to prevent malicious emails spoofing your domain from coming in from the internet. ContentCatcher has spoofing protection built-in.
External email disclaimer
Add an external email disclaimer– One of the most effective ways to keep users from opening and falling victim to phishing attacks (especially spoofed internal email addresses) is to warn them to be vigilant when opening email from sources outside the company. Email phishing attacks (with the exception of some forms of business email compromise) all come from outside the company network. We recommend a disclaimer in your email similar to this: “Note: THIS IS AN EXTERNAL EMAIL. It did not originate at (your company name).”