Advantage IT Management Blog

Advantage IT Management has been serving the Mobile area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Phishing Can Have Multiple Attack Vectors

Phishing Can Have Multiple Attack Vectors

Phishing is a pressing issue for everyone, not just businesses. The main problem is that the phishing messages keep getting more and more sophisticated and keep coming and coming until, eventually, something negative happens. For this week’s tip, we wanted to discuss the different types of phishing you can encounter. 

Before we get started breaking down the types of phishing there are, let’s review what exactly phishing is. 

Phishing is a Social Engineering Attack

Phishing attacks target users rather than the underlying computing network. These days, with the security controls that many organizations pay good money for, it is even harder to access a computing network without legitimate credentials; and, because of this, it is easier (and more cost-effective) to target the end users. 

As a result, these hackers come up with a scam (or many scams, actually) that target people who may have access to a network that carries with it the sensitive information that most businesses have on file these days. Let’s take a look at some of the types of phishing scams.

Phishing Via Email

The phishing email makes up for over ninety percent of all phishing messages in total. Essentially, they are emails that come into an inbox seemingly through legitimate means and end up scamming the recipient to hand over their credentials. Here is some of the most prevalent information about email-based phishing attacks.

  • They Have Attachments - An unexpected attachment in an email can easily be used as a vehicle for malware and other attacks. These can be either individual documents, or in the form of a ZIP file.
  • They Contain Spoofed Links and Senders - Many phishing emails will appear to come from certain senders or websites, trying to take advantage of the inherent trust that these senders or websites have in the public. Paying close attention to these links and senders will help you catch these efforts.
  • They May Have Serious Misspellings and Grammatical Errors - Most professional communications are (or should be) proofread fairly extensively before being sent. Therefore, an email that presents a lot of these issues is somewhat likely to be a phishing scam.

Phishing Via Text Message

A form of phishing message that is sent via text message is called Smishing: The hallmarks of this type of scam include:

  • Messages from Numbers You Don’t Recognize - Messages that come from non-cell numbers can be a sign of a scammer using an email-to-text service.
  • Messages that are Completely Unsolicited - If a message purports to come from an organization and you didn’t prompt any communication with them, take it with a grain of salt and reach out to that organization through another means.
  • It Contains Personal Information - If there are personal details shared in the message itself, it could very well be a phishing scam, as scammers will try to add pressure on their victims.

Phishing Via Phone Call

Getting a phishing message over the phone is called Vishing. Typically the call will try to determine facts about you to which the hacker will use to gain access to your accounts. Here are a few variables to watch out for:

  • Too Good to Be True Offers - Phishers will often place phone calls promising rewards or perks that are unrealistically appealing.
  • Calls from Authorities - If you receive a call from some organization or higher authority, don’t be afraid to question its validity…particularly if they start pressuring you and/or are trying to scare you.
  • Excessive Personal Details - A lot of your information can be found online so if a caller has more information than they should, that’s a red flag.

Social Media Phishing

Nowadays, phishing attacks are carried out through social media as well. To avoid falling victim to these attacks, keep an eye out for:

  • More than One Account - Some phishers will find someone, make a copy of their profile, and start sending that person’s contacts invitations to connect. This is another time you should separately confirm that someone is who they claim to be.
  • Bogus Links - Social media platforms offer phishers a very convenient means to share out links to fraudulent websites, where personal details can be harvested from unwitting visitors.

We hope this little reminder helps. If you have any questions about phishing, or how to ensure that your employees are sufficiently trained to ward off potential phishing attacks, give the IT experts at Advantage IT Management a call at 251-662-9770 today.

4 Things You Can Do to Improve Security When You W...
Give Your Business a Second Chance with Data Backu...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, March 26 2023

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

wiliam The Key Facets to Managing Personally Identifiable Information
28 January 2023
Our pricing is Pocket Friendly and less than other group buy service providers in market.Ahrefs Grou...
kanwal liaquat Most Noteworthy Data Breaches in 2019
24 August 2021
I agree with you data security is like a joke. Your data is never saved once you step on the interne...
RyanMcCawley Is it Wrong to Purchase Access to Your Own Data?
11 November 2020
As we know there are so many colleges and universities. From http://www.carwrapsanantonio.net/ stude...
WilliamMMartin What You Need to Know to Manage a Remote Workforce
29 April 2020
Managing a remote workforce is tough, but now a day it is the requirement and we all need to take ca...
Malcolm Quinn Gmail and the G Suite Get Overhauled with A.I.
13 April 2020
Some of the sites on the link can be overhauled and users can get different advantages. On the other...