Breaking Down a Phishing Attack

Suffering a phishing attack is bad news for your business. But what exactly happens during one of these attacks? We’ll break it down for you, giving you the insight you need to bolster your own security processes against unscrupulous hackers.

The form of the anomaly

A phishing attack can take on a number of forms. However, the most common form of phishing involves the receipt of a message — usually an email — that forms a point of access between the hacker and your business. This includes the following:

  • A link within the email or message that leads to a webpage controlled by the attacker. This webpage may make further requests, such as asking the user to enter credentials or other information.
  • An attachment to the email containing a Trojan or another piece of malicious software that will trawl the user’s computer for information.
  • Deception, or spoofing, that makes the email recipient believe they are talking to someone they can trust. This means the user may hand over information in confidence — confidence that turns out to be misplaced.
  • A phone call. In some cases, brazen phishing scammers may make contact over the phone, impersonating an entity such as a supplier, a distributor, or another department, and fraudulently extract information in this way.

The key defense

Make sure all team members are fully briefed in all of the above and know how to recognize the actions of a scammer.

The first contact

Once the first message is received, an interaction begins between the user (the phishing target) and the scammer. Perhaps the user will block the sender, discard the message, or report it immediately. Maybe they will be duped and provide the scammer with the information they request.

However, in most cases, the user will be cautious. The vast majority of your team members will have some degree of knowledge regarding phishing. As such, they won’t blindly open an attachment or click a link. Instead, they will spend time convincing themselves that the sender and the communication can be trusted.

Phishers are opportunists, but they can also be tenacious and intelligent. They may be able to convince even cautious team members to provide information or to install malicious software.

The key defense

Back up the training you have delivered with managed IT security services, firewalls, and other defenses that stop malicious software from spreading.

The objective

Phishing has become a well-known term in the world of cybercrime and defense. This is because phishing attacks can be so damaging. Less well known are the terms spear-phishing and whaling. These concepts relate to the techniques deployed by a hacker, as well as the objectives they have in mind.

In a spear phishing attack, a hacker targets a particular team member that they consider to be a weak point or a gatekeeper for particularly sensitive information. They then target this staff member using one of the methods discussed above to get the data they need.

In a whaling attack, the technique is a little different. Here, phishers go after a “whale” — i.e. a member of upper management or an executive — and aim to acquire high-level information. They may have a specific objective or they may just seek to gain as much valuable data as possible.

When it comes to Trojans and other pieces of malicious software, there may not be a specific objective in mind. Instead, hackers may simply hope that the software goes undetected, picking up as much data as possible in the long term.

The key defense

Examine your business structure: what weak links are there? Make sure training covers all levels, including upper management.

The aftermath

The specifics of the aftermath of a phishing attack really depend on the value and amount of data loss. However, there are some common events that typically follow a damaging attack:

  • Your business reputation is damaged as you have not been able to secure client or employee data
  • You may undergo a review to check that your data security policies match up to state and federal regulation
  • You carry out an internal review to implement better safety and security practices going forward
  • You introduce better training for staff at all levels so they know how to identify an attack

The key defense

Have solid data backup and disaster recovery services in place as a robust last line of defense should all else fail.

We all think that a phishing attack will not fool us — that we are too smart for the hackers. However, it is not a case of “being smart” or “not being smart”. Instead, it is a case of recognizing the range of techniques that malicious hackers deploy and having the right procedures in place to stop those hackers in their tracks.

Speak to our team today to learn more.