Life as a High Value Phishing Target

If you’re a business owner, manager, finance person, or have any sort of purchasing power, you’re a high value target for cyber-criminals.  

You also may be described as one of three things:

  1. A whale (hackers try to “spear” you)
  2. A very attacked person (VAP)
  3. A high-value target (HVT).  

The effectiveness of phishing is indisputable.  The news is full examples and many are not even reported due to businesses trying to save face.  One example: MacEwan University staff transferred $11.4 million to criminals over the course of nine days due to “human error” as a result of phishing. Can you say, “Whoops!”?

OK, so you’re a target.  Now what?

Technology can help block attempted phishing emails. However, nothing is 100% and ultimately, YOU are the last layer of defense.  

Use the following common patterns to help identify phishing emails:  

  1. Formatting of an email from a known trusted person looks different than you remember.
    Real examples we’ve seen:

    1. An email says sent from iPhone when you know they have an Android phone
    2. The signature is different than normal, i.e it reads Anthony when you know it’s always been Tony or, it shows the main business phone number when it’s always been a cell phone number before.
  2. Any sort of urgency asking for a favor, financial transaction, shipment, airline tickets, and especially when “no time for a call” is mentioned. Criminals prefer not to talk over the phone and love to use ALL CAPS! Beware!
  3. Wiring funds, buying gift cards, Western Union transfer, money cards, or Itunes/Android credits are mentioned.  
  4. The way you’re addressed is vague or wrong, i.e. “Dear Accounting”, “Dear Sir”, etc..

In addition, if you’re more technically inclined, try some of these precautions that can immediately determine if it’s phishing or not:

  1. Prior to attempting this, remember the DO NO HARM rule: do not click on any links, attachments, or allow the email to download pictures or render fully.  We only want to analyze, not get infected.
  2. On computers only (not mobile) – look at the actual email address in the “reply-to”. If you click reply, double click or mouse over the name in the To: and look at the email address.  If it’s not their real email address, this is a common phishing method so the criminal can reply back from a free account such as Gmail.
  3. On computers only (not mobile) – If there are links, hover but do not click on them.  What does the URL look like? Malicious emails will have strange names. See below for an example.

Finally, here are three best practices to always follow when dealing with important email sent to you:

  1. If you have any doubts, call the person at a known good (not sourced in the suspicious email) phone number.  Transfer 1 million to Zimbabwe? Let me call you first.
  2. If you clicked on a link, opened an attachment, or replied to the criminal, report it to your IT team ASAP.  Please know that forwarding malicious email may trigger your IT company’s spam filters. If you don’t receive a response (i.e., ticket created notifications), create a new email to them and recap what happened in detail or call them so they can help you.  If you believe you’re infected, call them ASAP.
  3. If you see a common pattern or technical precaution and feel that it’s phishing, simply delete it.  
    • Over 150 million phishing emails are sent every day.
    • Due to the sheer quantity of phishing emails involving compromised websites, email accounts and email servers, blocking is ineffective and there’s little to be done about individual phishing attempts.
    • Have a plan with your IT company regarding what to do with individual phishing emails. Typically, if you didn’t fall for it, deleting it will be sufficient.
    • If you’re getting more than a couple emails a week, and your filter isn’t putting it in junk or quarantine, it may be time to step up the blocking technology investment and looking into more powerful solutions.  
    • There are several educational and technical strategies that help prevent a successful attack. However, always remember that nothing blocks 100% of attacks.  You are the last line of defense.

PK Tech offers several solutions to help combat phishing and educate users on how to identify suspect phishing emails.  Contact us here.