Phishing is a cyber-attack in which the perpetrator masquerades as a legitimate person or entity to entice a user into clicking malicious links or downloading virus-infected attachments from well-drafted, compelling emails. Once the link is clicked, the user is often directed to an unsecured website set up to look and feel legitimate. Hackers try to retrieve personal information using social engineering techniques to trick users into divulging usernames, passwords, and sensitive financial information, putting them at a very high risk of identity theft, unauthorized purchases, and compromised systems. Downloading attachments from phishing emails could infect user devices with malware.
Phishing has been prevalent since the 90s when the Internet became popular. It is still among the most widespread threats today, more sophisticated and harder to identify with constantly evolving techniques that take-in gullible users. Common Phishing attack types are Deceptive, Spear, CEO Fraud, Pharming, and Dropbox. Each attack is based on a different form of a fraudulent email. Common forms include impersonating a legitimate company, crafting an email with a user’s personal information to make it seem authentic, attackers masquerading as service providers, bank officials, government officials, tax agents, and using fake IP addresses and Dropbox sign-in pages.
AttackSolutions maintains a database of Phishing attacks based on malicious emails received by clients that were successfully blocked or deleted. These emails serve as a knowledge base to identify and prevent newer phishing attacks. Any email identified as a potential threat is marked spam, warning the user of a possible Phishing attempt and prompting him or her to proceed with caution. Additionally, Attack Solutions also conducts training as well as provides materials to clients to aid them with identifying Phishing attacks and deploying effective countermeasures. Tools employed to prevent these attacks include SecurityIQ PhishSim, Lucy, GoPhish and Phishing frenzy.
If you have questions or comments, please use this form to reach us, and you will receive a response within one business day. Your can also call us directly at any of our global offices.