Phishing: is the devil as black as he is painted, and how do you tell if you have been hooked?

Recently I received a message from a friend that said: “Oh my God, is this your video? Look at this link => (link to an unknown resource)”. He had never sent such messages before, and it was suspicious. This case prompted me to tell you more about the types of phishing attacks and what to do if you have been hooked.

Let me start with some statistics. Last year, Tripwire surveyed participants at the RSA Security conference, asking them to assess how relevant phishing attacks are. Of the two hundred security professionals who took part, more than half (58%) said that the number of such attacks had increased since the previous year, so protection against phishing remains a live issue. The term “phishing” covers a set of social engineering techniques aimed at illegally obtaining sensitive data such as passwords and payment card numbers. The word derives from the English “fishing”: the victim is “hooked”, by analogy with a fish. Phishing is commonly divided into several categories:
1. Vishing (voice + phishing) is phishing carried out over phone calls. Using data gathered from social networks or online bulletin boards, attackers can make the call sound plausible enough not to raise any suspicion.

2. Smishing (SMS + phishing) is phishing via SMS. It may look like a fake notification about a blocked bank card, or about an order in an online store, with a link to follow.

3. Search engine phishing. Attackers create a fake web page and promote it for certain keywords so that it ranks in search results. This used to be a very common type of phishing; it is now less common because search engines penalize such pages.

4. Spear phishing. Unlike traditional phishing, which means sending e-mails to millions of unknown users, this type of attack has a focused target: the messages are precisely tailored to a specific user or group of users. Such attacks are more sophisticated and pose a higher risk, since attackers study the users and their organization in detail using open Internet sources (social network profiles, the company website, online directories, etc.).

5. Whaling. The mechanics of whaling are the same as in spear phishing; the difference is that attackers go after bigger fish. Top managers, the “whales” in cybercriminal jargon, become the targets.

Since the most common phishing channel is e-mail, let's look at it in more detail. The main goal of such messages is to fraudulently obtain money or confidential information, or to gain access to the user's device by getting malicious code executed on it.
[Image: a search engine phishing example]

Most fraudulent e-mails that announce your account has been hacked and demand money do not pose a significant danger; they are aimed at casual and inexperienced users.
Messages designed to look like genuine notifications from Internet services, asking you to follow a link and log in, are considerably more dangerous. Receiving one is a signal that an attack may be under way against you personally or against your employer, and that you need to take protective measures: once attackers get into the internal network, stopping them becomes much harder. Phishing that arrives in a personal inbox also puts your own and your relatives' personal data at risk, and nobody knows how attackers might use it. Many users believe that only phishing received through corporate mail is dangerous for an organization, but that is not true: once malicious code has been launched on a device inside the corporate network, it does not care which mailbox it arrived through. So always treat suspicious messages with caution, even when they arrive in personal mail or an instant messenger.

[Image: a phishing website example]

We have covered the types of phishing messages and the damage they can cause. Below are rules that will help you avoid falling victim to a phishing attack.

1. Read messages carefully. In an unexpected or suspicious message, do not follow the links in the body, do not open the attached files, and do not unpack the archives.

2. If you receive a message from an Internet service you use, especially one that demands immediate action, carefully check the sender's address and the actual URL behind the link: the visible link text can differ from the real destination. Instead of following the link, open the service by typing its address directly or via a saved bookmark and log in there.

3. If you receive a suspicious message from a friend, contact them through another channel (a phone call, a messenger) to confirm that they actually sent it.

4. Do not reply to suspicious e-mails. A reply confirms that your address is “live” and read by a real person; do not play into the attackers' hands.

5. Use antivirus software and scan suspicious messages and attachments with it.

6. Do not give your e-mail password to third parties: not when registering on sites, not in forms, and not in response to a request to “confirm your details”.

7. Use digital signatures for e-mail (S/MIME or PGP), so that recipients can verify that a message really came from you and was not altered.

8. When you send a file, pass its hash (for example, a SHA-256 checksum) to the recipient over a different channel, so they can verify that the attachment was not replaced in transit.

9. If you suspect that your credentials have fallen into the hands of intruders, change the passwords of the affected accounts immediately. In general, it is good practice to change passwords regularly, to use a different strong password for every service, and to make sure your keys are well protected. Whether an address or password has appeared in a known breach can be checked on dedicated online services; never enter a password you are still using into such a site.
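Rules 2 and 8 can be turned into a small offline triage script. The example below is added here and is not code from the original post: it parses an e-mail, compares the display name, Reply-To and visible link text against the sender address and the real link destination, flags urgency pressure in the subject, and prints SHA-256 digests of attachments for out-of-band verification. Both messages are constructed for illustration, the brand and domains are invented, and the "registered domain" helper uses a two-label heuristic instead of the Public Suffix List.

```python
"""Offline triage of a suspicious e-mail: compare what the reader sees (display
name, link text) with what is actually used (sender, Reply-To, href), flag
urgency pressure, and hash attachments. Added example; both messages are constructed."""
import email
import hashlib
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed phishing sample: display name imitates a brand, Reply-To goes
# elsewhere, and the visible link text does not match the real destination.
PHISH_EML = b"""\
From: "PayService Security" <alerts@payservice-support.example.net>
Reply-To: help@mail-recovery.example.org
Subject: Urgent: your account will be blocked in 24 hours
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<a href="http://payservice.example.net.verify-id.example.org/">https://www.payservice.example.com/login</a>
--b1
Content-Type: application/zip; name="statement.zip"
Content-Disposition: attachment; filename="statement.zip"
Content-Transfer-Encoding: base64

UEsDBAoAAAAAAA==
--b1--
"""

# Constructed legitimate control: sender, link text and href all share one domain.
LEGIT_EML = b"""\
From: "PayService" <no-reply@payservice.example.com>
Subject: Your monthly statement is available
Content-Type: text/html; charset="utf-8"

<a href="https://www.payservice.example.com/statements">https://www.payservice.example.com/statements</a>
"""

URGENCY = re.compile(r"\b(urgent|immediately|blocked|suspended|verify now)\b", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._current = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href", ""), ""]
    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append((self._current[0], self._current[1].strip()))
            self._current = None

def registered_domain(host):
    """Last two DNS labels. Simplification assumed by this example: a real tool
    would consult the Public Suffix List so that 'example.co.uk' works too."""
    return ".".join((host or "").lower().rstrip(".").split(".")[-2:])

def addr_domain(header_value):
    """Registered domain of the address in a From/Reply-To header, or ''."""
    _, addr = parseaddr(str(header_value or ""))
    return registered_domain(addr.rpartition("@")[2]) if "@" in addr else ""

def attachment_hashes(msg):
    # (filename, sha256) per attachment; the digest is what you pass over another channel
    return [(p.get_filename(), hashlib.sha256(p.get_payload(decode=True) or b"").hexdigest())
            for p in msg.iter_attachments()]

def triage(raw):
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    from_dom = addr_domain(msg["From"])
    reply_dom = addr_domain(msg["Reply-To"]) if msg["Reply-To"] else from_dom
    if reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom!r} differs from From domain {from_dom!r}")
    subject = str(msg["Subject"] or "")
    if URGENCY.search(subject):
        findings.append(f"urgency pressure in subject: {subject!r}")
    links = LinkCollector()
    for part in msg.walk():  # every HTML part, at any nesting depth
        if part.get_content_type() == "text/html":
            links.feed(part.get_content())
    for href, text in links.links:
        href_dom = registered_domain(urlparse(href).hostname)
        if text.startswith(("http://", "https://")):  # link text that itself looks like a URL
            text_dom = registered_domain(urlparse(text).hostname)
            if text_dom != href_dom:
                findings.append(f"link text shows {text_dom!r} but href goes to {href_dom!r}")
        if href_dom != from_dom:
            findings.append(f"link domain {href_dom!r} differs from sender domain {from_dom!r}")
    return {"from_domain": from_dom, "findings": findings, "attachments": attachment_hashes(msg)}

if __name__ == "__main__":
    for raw in (PHISH_EML, LEGIT_EML):
        print(triage(raw))
```

Run against the constructed phishing sample, `triage` reports four findings (Reply-To mismatch, urgency wording, link text pointing at a different domain than the href, and a link domain that differs from the sender's) plus the attachment digest; the legitimate control yields none. Domain comparison, not brand names, is what does the work here: the display name “PayService Security” is free text anyone can set, while the address and href domains are what the mail and the browser actually use.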

So, first and foremost, the security of your personal data and your company's data depends on your attention. If you notice suspicious activity, do not panic: report it to your IT or security team. Think of yourself as the hero who saves the day by stopping a new cyber attack before it develops.