Phishing


What is Phishing?

Phishing is a type of social engineering attack used to steal user data, including login credentials and credit card details. Scammers obtain sensitive information or data from the user by disguising themselves as a trustworthy source. The victim is duped into opening an email, instant message, or text message. The recipient then clicks a malicious link, leading to the installation of malware, the freezing of the system as part of a ransomware attack, or the revealing of sensitive information.

One example is the 2018 phishing attack targeting Netflix users. The phishing email purported to be from Netflix and warned recipients that the company was unable to access the customer’s billing information. The message asked customers to click on a link to update their payment method. That link, of course, directed the customers to a fake website created by the scammers.

That being said, not all phishing attacks look and operate in the same way. Phishing scams can take a variety of forms and often have different goals. Some phishing emails might try to trick users into clicking a link that leads to a fake website, as in the Netflix scam already mentioned. These fake websites install malware, allowing hackers to steal personal or sensitive information or take control of your device.

What is Spear Phishing?

Spear phishing is an email scam targeted towards a specific individual, organization or business. It is often used to steal data or install malware on a targeted user’s computer for malicious purposes. A typical spear phishing attack includes an email and attachment. The email includes information specifically related to the target, often including the target's name and position within the organization. Most huge data breaches have a social engineering component augmented by detection evasion techniques.

Office 365 Phishing Attacks

Microsoft Office 365 is one of the world’s leading software platforms, boasting over 120 million business users. Although the Office 365 spam filter offers a reasonable level of security, some businesses find it lacking against highly sophisticated cyber threats, especially phishing attacks. Because of this, many organizations are adopting a defense-in-depth strategy, using SpamTitan, to protect their Office 365 users from advanced and persistent phishing threats.

A recent Google Docs phishing scam affected over 1 million Gmail users; SpamTitan had a 100% success rate in defending our users against this threat. It’s vital you do everything possible to prevent these attacks reaching your users' inboxes. It’s not a question of if there will be another damaging ransomware attack; it’s a question of when.

SpamTitan for Office 365 allows you to supplement Office 365's native email security with award-winning phishing protection from a dedicated security provider. SpamTitan's sandboxing feature protects against breaches and sophisticated email attacks by providing a powerful environment to run in-depth, sophisticated analysis of unknown or suspicious programs and files. SpamTitan for Office 365 adds more advanced security like protection from phishing and spear phishing, including Business Email Compromise and zero-day protection.

Rising Threat of Phishing Attacks

The global COVID-19 (Coronavirus) pandemic is impacting the world in many ways. It has fundamentally changed the way many organizations and businesses operate as a large number of employees move to remote working.

The pandemic is being used by cybercriminals in malicious campaigns including phishing attacks, spam, malware, ransomware, and malicious domains. In this environment, anti-phishing protection is essential in order to protect your devices that will now be operating outside of the secured perimeter.

IT & Security professionals in organizations are dealing with an enormous number of coronavirus-themed email phishing attacks. Our email security solution SpamTitan is blocking increasing levels of Coronavirus-related phishing emails and malware.

Keeping Remote Workers Safe from Phishing Emails

TitanHQ are helping organizations and MSPs protect their transitions to remote work environments. The source of traffic has changed from “in office” origination to “at home” usage, but anti-phishing protection is still required and becomes essential for the shifting remote workforce.

We have seen massive demand this year for two products in particular that can be rolled out seamlessly to remote devices and work from home environments. These are SpamTitan cloud-based email security, which protects remote workers from the newest iterations of phishing attacks, and our AI-driven DNS security product, WebTitan. Combined, these create an umbrella layer protecting users' data and devices from phishing attempts.

Advanced email security with powerful, real-time updating, AI-driven threat intelligence. COVID-19 phishing scams are the most sophisticated versions of phishing emails the industry has seen. SpamTitan provides powerful protection blocking inbound threats and securing outbound data. It blocks spam, phishing, malware-infected links and other email threats.

Why not sign up for a no-obligation free demo today?

The Evolution of Phishing

The evolution of phishing is, of course, in line with the evolution of technology. Until recently, a typical method used in phishing emails to install malware on a device was to carry the malware as an infected attachment, usually an Office document or PDF. This method matched employees' use of emails to share documents. This method was successful and continues to this day.

However, as the use of online collaboration portals increases, employees are less likely to share documents via email. In response to this change, cybercriminals are changing their tactics. Instead of phishing emails containing malware-infected documents, scammers are piggy-backing on the way online collaboration portals work, that is, sending emails with shared links to documents and files. These shared platforms are at risk of being misused by phishing campaigns via malicious links in fake emails branded to look like the portal. A current focus of these phishing scams is on SharePoint and OneDrive.

Phishing is as much about human behavior as it is about technology. Cybercriminals know that tricking users into performing an action can effectively get them the results they need. Getting the human user to perform this action relies on ‘trust’. It is this trust element that scammers use when they spoof well-known brands, such as SharePoint and OneDrive.

Protecting against Phishing Attacks

The first line of defense against phishing scams is email protection. Email messages created by attackers sometimes have a recognizable spoofed email sender address, and some phishing attacks are designed to ensure the message looks like it’s from an official source. Recipients not trained to look for phishing emails click links that take them to an attacker-controlled server. DMARC (Domain-based Message Authentication, Reporting and Conformance) is a security framework that detects and stops these attacks.

DMARC is a set of cybersecurity configurations that use a combination of digital signatures (DKIM) and DNS verification using Sender Policy Framework (SPF). DomainKeys Identified Mail (DKIM) uses public-private key cryptography to add a signature to the header of an email. The owner of a domain adds a verification key as a DNS entry, and SPF protocols at the recipient email server perform a lookup for this verification entry. Only valid IPs can then send an email on behalf of the sender’s domain. SPF eliminates an attacker’s ability to send spoofed email messages.

DMARC works in conjunction with email filters and DNS-based content filters so that users are unable to access attacker-controlled websites. With DMARC, the messages should not be able to reach the user’s inbox. Messages blocked by DMARC rules are quarantined, where the email administrator can review them for any false positives. Should a message return a false negative, the malicious content would reach the user’s inbox. DNS-based content filtering would then trigger and block the user from accessing the website where an attacker phishes for user credentials.
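The DMARC decision described above can be sketched in a few lines. This is an added illustration, not SpamTitan's code: it shows that a message passes only when SPF or DKIM both succeeds and matches the visible From: domain, and otherwise receives the domain's published policy. The domains, records and results are constructed sample data, and the two-label organizational-domain shortcut is an assumption.

```python
# Simplified DMARC evaluation (added example). Ignores the pct/sp tags and reporting.
# All domains, records and authentication results are constructed sample data.

def parse_dmarc_record(txt):
    """Parse a DMARC TXT record such as 'v=DMARC1; p=quarantine; adkim=s'."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    if tags.get("v") != "dmarc1":
        raise ValueError("not a DMARC record")
    return tags

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels.
    # Production code must consult the Public Suffix List instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, mode):
    """Strict ('s') needs an exact match; relaxed ('r') the same organizational domain."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

def evaluate(msg, record):
    """Return 'pass', or the published policy ('none', 'quarantine', 'reject') on failure."""
    policy = parse_dmarc_record(record)
    spf_ok = msg["spf"] == "pass" and aligned(
        msg["mail_from"], msg["from"], policy.get("aspf", "r"))
    dkim_ok = msg["dkim"] == "pass" and aligned(
        msg["dkim_d"], msg["from"], policy.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else policy.get("p", "none")

RECORD = "v=DMARC1; p=quarantine; adkim=r; aspf=r"  # constructed policy for example.com
SAMPLES = {
    # Legitimate mail: both checks pass and align with the From: domain.
    "legit": {"from": "example.com", "spf": "pass", "mail_from": "bounce.example.com",
              "dkim": "pass", "dkim_d": "example.com"},
    # Spoofed From:. SPF passes, but only for the sender's own unrelated domain.
    "spoof": {"from": "example.com", "spf": "pass", "mail_from": "mailer.example.net",
              "dkim": "none", "dkim_d": ""},
    # Forwarded mail: SPF breaks at the forwarder, the aligned DKIM signature survives.
    "forwarded": {"from": "example.com", "spf": "fail", "mail_from": "example.com",
                  "dkim": "pass", "dkim_d": "example.com"},
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, "->", evaluate(msg, RECORD))
```

The "spoof" case is the one worth checking in your own mail flow: an SPF pass on its own says nothing about the From: address the user sees, which is why the alignment step matters.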

Without the right cybersecurity tools in place, organizations are vulnerable to phishing scams. The malware they deliver could cost an enterprise millions in disaster recovery and ransom fees, if they’re paid. The only way to avoid them is to have the right email security using DMARC and content filtering.

SpamTitan checks every URL in an email against known blacklists - with 100% active web coverage. Protect your users from email links to malicious sites with SpamTitan. SpamTitan's sandboxing feature protects against breaches and sophisticated email attacks by providing a powerful environment to run in-depth, sophisticated analysis of unknown or suspicious programs and files.

Phishing attacks are highly complex and on the rise. One of the most effective ways to protect against phishing scams is with a modern, robust email security solution such as SpamTitan. SpamTitan utilizes an array of anti-phishing tools such as antivirus scanning, heuristic analysis, DMARC authentication and sandboxing. Few vendors offer all of these solutions in one package.

SpamTitan is a multi-award-winning email protection, anti-phishing, and email filtering solution. Start your free trial for SpamTitan today to discover how we can prevent malware attacks.
