TitanHQ

TitanHQ Blog

Dodging 4 Hidden Dangers of Phishing Scams

Posted by Geraldine Hunt on Thu, Sep 5th, 2019

About one in ten emails are part of a phishing attack. Since phishing attacks are all about deception, that adds up to a lot of trickery and fraud.  Fraud and deception usually accompany malevolent deeds that harm the victims that fall for them.  Where there is phishing, there is usually some type of hidden danger lurking.  Below, we have outlined some of the most prevalent dangers that your organization could potentially experience from a phishing attack and how to combat them.

Ransomware or other Malware Attack

Ransomware was a menace that some thought was on the downslide.  Not anymore.  According to a recent Covewave study, the average ransomware payment increased by 184 percent between Q1 and Q2 of 2019.  Part of this attributed to a new type of Ransomware-as-a-Service called Sodinokibi that first began appearing in May of this year.  Its most recent mark of devastation was a wide-scale attack on government institutions throughout the state of Texas that brought down the network services of 22 municipalities.  Stories such as these have become all too common as of late.  Ransomware is a billion-dollar industry and phishing continues to be one of the primary delivery mechanisms for it. 

Unsurprisingly 92.4 percent of malware is delivered via email.  In order to avoid malware infestations carried out through phishing, it is imperative to have an email security solution that incorporates malware protection.  A solution such as SpamTitan that incorporates double antivirus protection is an excellent way to combat these threats.  Another technology tool to help eradicate malware attachments is the next-generation solution of sandboxing.  This allows users to open suspect attachments in an isolated environment.  There they can either be detonated or confirmed safe.  While many email security vendors do not offer sandboxing, it is part of the standard offering with SpamTitan.

Email Address Spoofing

You get an urgent email from the company CEO that a last-minute wire transfer must be made in order to complete an acquisition.  What do you do?  These types of situations occur daily as spoofing is now commonplace within corporate email environments.  It’s natural to wonder how cybercriminals can so easily spoof enterprise email accounts.  One must remember that the core email protocols were created in the 1980s when the internet was a trusting place.  No one conceptualized the malicious tactics that cybercriminals that threaten our institutions today. 

Traditional spam filtering has a hard time stopping well-conceived email address spoofing as these types of attacks are targeted and well designed.  Often the verbiage contained within these emails matches the communicative culture of the targeted organization as hackers spend weeks if not months learning the email behavior of their prospective victims.  The best approach is to legitimize the sending email address.  Many assume that DNS hosted SPF records can stop spoofing alone but that is no longer the case.  You need the complete package of SPF, DKIM and DMARC records to truly authenticate email origin.  Unlike SPF records, it is difficult to create DKIM and DMARC records on your own.  That is why SpamTitan includes DMARC verification as part of its solution suite.  Simply use the DMARC generator to create your own records. 

Pharming Attacks

Cybercriminals are constantly adapting their techniques to more effectively infiltrate our devices and networks. Pharming is a newer, more complicated technique. Similar to phishing tactics, pharming uses fake websites to steal personal information. Unlike phishing, pharming doesn’t require users to take action — they are redirected to the false websites without even knowing it.

You get an email from your bank asking you to confirm a recent financial transaction that seems suspect.  You get an email from PayPal asking you to reset your account or your insurance company wants you to confirm your profile settings due to a recent application failure they experienced.  Everything about the email seems genuine and the embedded link when click seems to take you to the actual website you are accustomed to seeing.  All of this, of course, is a carefully crafted mirage.  While the look and feel of the email and link may seem accurate, the URL destination is phony.  Unfortunately, users constantly fall for these types of attacks. 

Criminals use pharming attacks to capture login credentials that they then use for malevolent reasons.  This is where a modern-day email security solution comes into play, one that uses real analytical intelligence to distinguish reality from fabrication.

Display Name Spoofing

This type of spoofing is more prominent than email address spoofing because anyone can do it.  This rudimentary approach simply requires one to create email addresses using public email services such as Gmail, Yahoo or Outlook.  While the email address looks nothing like the actual one it is trying to emulate, the display name still shows the name of the spoofed individual.  This could be the department manager or school principal.  These types of attacks target the low hanging fruit of your enterprise. 

While these elementary attacks rarely garner big rewards for scammers, they do hamper productivity as users try to distinguish who actually sent an email.  These types of attacks can lead users to ignore an important email in the future. The most effective way to combat this type of threat is to train your users so that they can easily identify these crude spoofing attempts. Phishing is the primary means that hackers use to steal money, credentials, and integrity from users within your organization.  Do not underestimate the dangers associated with these attacks.  Make sure you have the best tools available to keep your organization safe from these menacing attacks.

When it comes to protecting your organization from phishing scams, training your employees to recognize bogus emails is a great place to start, but as the sophistication of these targeted attacks increase, it’s not enough.

Phishing Protection to Prevent Whaling and Spear Phishing 

With the SpamTitan Email Filter, you provide a dedicated solution that fully protects your network and every recipient within the organization. SpamTitan provides phishing protection to prevent whaling and spear-phishing by scanning all inbound email in real-time. SpamTitan searches for key indicators in the email header, domain information, and content. SpamTitan also performs reputation analysis on all links (including shortened URLs) contained in emails and block malicious emails before being delivered to the end-user. How SpamTitan protects from phishing attempts:

  • URL reputation analysis during scanning against multiple reputations.
  • Detect and block malicious spear-phishing emails with either existing or new malware.
  • Heuristic rules to detect phishing based on message headers et al. These are updated frequently to address new threats.
  • Easy synchronization with Active Directory and LDAP.
  • Spam Confidence Levels can be applied by the user, user-group and domain.
  • Whitelisting or blacklisting senders/IP addresses.
  • Infinitely scalable and universally compatible.

The combination of these features ensures SpamTitan protects Office365 users and businesses from spear phishing, business email compromise (BEC), and cyber fraud. System Administrators need to make sure their email infrastructure is secure by layering in a dedicated secure messaging and email filtering solution like SpamTitan to protect against advanced persistent threats. To protect against advanced threats you need advanced protection.

Take a closer look at SpamTitan today – sign up for a free demo at a time that suits you.

Never Miss a Blog Post

Sign-up for email updates...

Get Your 30 Day FREE Trial
TitanHQ

Talk to Our Email and DNS Security Team

Call us on USA +1 813 304 2544 or IRL +353 91 545555

Contact Us