05 Oct Recognizing a Phishing Campaign
Phishing campaigns and attacks are a constantly debated subject in the online security world. We are going to reopen that can worms in this blog post, We are going to be looking at the signs of possible phishing attacks to help prevent you from falling for them.
But what is a Phishing Attack you ask?
Phishing attacks happen when a malicious person acts as being someone else to help gather confidential entry or important information. This may happen in the guise of a website, email, phone number even in person.
Signs of a Phishing Attack
Phishing attacks can come in all manners, with the methods the attackers use which are evolving constantly. However, there are loads of common characteristics that once you know what you looking for the are fairly easy to point out.
Clever Copycat Requests
Loads of these phishing campaigns try to copy the branding or a major company that the intended victim is familiar with. By copying the companies emails and email layouts or phone numbers.
These emails use public email registrars, which can be used to create emails with any names.
All these emails share similar domain names as known companies such as email@example.com instead of firstname.lastname@example.org. For this reason, its good to be vigilant and ensure the emails are genuine.
The Phishing attack will more than likely add urgency to the email to make the user skip the finer details of the email and click on the link or download the email attachment.
unusual bank account activity
Websites has been compromised
The most fundamental thing to keep in mind about phishing is – Attempts Will Vary. These targeted attacks have become incredibly advanced, The attackers will be able to spoof or hack your manager’s email, and then using the correct data to trick you into thinking they are your target. Stay vigilant, if there are any requests for you to visit any links or any attachments to be opened, Double-check verbally with the sender if possible to ensure the email and request is genuine.
Example of Phishing campaigns
Google Drive Phishing Campaign
Notice how odd it is to be able to use any email provider to login to Google Drive:
Bank Phishing Campaign in Brazil
Notice how the phishing campaign asks for credit card information in the last image.