SandStorm IT

Power On

  • Services
    • Managed IT Services
    • Servers & Networks
    • Business Computers & Support
    • Cloud Services & Data Backup
    • Custom Software Development
    • VoIP Telephone Solutions
    • Custom Web Design
    • Disaster Recovery Solutions
    • Security & Compliance
    • IT Consulting
  • Technologies
  • Pricing
  • Work
  • About
    • Our History
    • Our Team
    • Careers
    • Press
  • Blog
  • Contact
    • (901) 475-0275
  • Help Me

Phishing: How to Avoid Phishing Scams

July 15, 2019 By SandStorm IT

What is Phishing?

This varies from the specific type of phishing, but in general, phishing is the act of tricking and manipulating a user to reveal information to the attacker through various means.

 

Tools of the trade can range from malware laced documents, to websites with URLs that are spelled similarly to popular services that steal login credentials, known as Typo Squatting. 

 

Who gets targeted?

Usually, phishing attacks happen by chance, as they are mass mailed to hundreds of emails at a time, but there are targeted campaigns as well.  Spear phishing attempts come in to play when the attacker identifies that a user has roles/privileges in the organization that others don’t, which may assist them in spreading to other users.

 

There also exists the “whaling” attack, which targets the owner of an organization. Typically, they will have the highest level of access to all resources in the business, ranging from the business’s internal networks, bank accounts, and potentially even other client’s networks.

 

Why?

As computer security is coming into focus, and as anti-malware software continuously starts offering better protection, phishing is becoming more and more commonplace for all types of attacks, ranging from Identity Theft to Espionage.

 

With the increased focus on computer security, malicious users have become more creative with their attacks, resulting in higher success rates with more infections and intrusions. Even in the face of employee training, successful attack rates have been high.

 

Phishing offers a quieter approach throughout the attack process, as people may not notice what has happened by the time they enter their information, or open an attached document. Assuming the user catches the misspelled URL, or realizes the document they opened is fake, they may be afraid to report the issue, fearing repercussion. Combining all these factors leads to the perfect platform for carrying out a very successful attack campaign.

 

What can be done to prevent phishing attacks?

  • Ensure that your email system has a spam filtering system in place.
  • Offer plenty of resources to help your employees identify phishing attempts. Teaching them to identify URLs by moving their cursor over links, for example, will greatly reduce successful attempts.
  • Verify that proper anti-malware software is in place and up to date. This will help reduce infections from malicious documents.
  • Let your employees know they shouldn’t be afraid of reporting any phishing attack they may have fell victim to.
  • Teach Employees that they are never to open attachments from unknown senders, and to scan attachments from senders they may know but were not expecting.
  • Read through the body of the email to ensure there are no spelling mistakes, as your everyday mass mailed phishing attack will commonly carry many errors.
  • Have email scanning software in place that removes malicious attachments before they arrive in the user’s inbox.
  • If your business uses any type of portal that employees access, remind them of the correct location periodically, and to verify that the URL they’re accessing is correct if they ever receive an unknown email telling them to update their password.

 

 

If you have any other questions about phishing or any other IT security questions, please contact one of the knowledgeable technicians at SandStorm IT. We can be reached at 901-475-0275.

Related Posts

  • How can I protect my employees from phishing?
  • Office 365 Phishing Attacks On the Rise
  • Social Engineering: How to keep your business safe
  • Ransomware - What To Do If You Are Infected
  • Why is phishing still the most common cyber-attack?

Categories: Cybersecurity, Social Engineering/Phishing, Spyware/Malware/Viruses

Subscribe to Our Newsletter

Check your inbox or spam folder now to confirm your subscription.

SANDSTORM IT BLOG

Featured
News
Press Releases
SandStorm News
Security Alerts & Vulnerabilities
Managed Services
Managed Anti-Virus/Anti-Malware
Managed Backups & Monitoring
Updates/Patches
Passwords
Cybersecurity
Spyware/Malware/Viruses
Social Engineering/Phishing
Ransomware
Data Breaches/Leaks
Other
Servers
Server & Server Hardware
Cloud/Serverless Computing
Server Operating Systems
Networking
Wired Networking
Wireless/Wi-Fi
Internet of Things (IoT)
5G & Mobile Networking
Business
General Business
Enterprise Resource Planning (ERP)
Voice & Telephony
Backups & Business Continuity
On-Site Backups
Cloud Backups
DR/BCM Planning & Consulting
Personal Computing
Tips/Tricks/Shortcuts
Troubleshooting
Hardware & Peripherals
Desktop Operating Systems
Software & Applications
Office Applications
Desktop Software
Email Software and Applications

Authors

Authors
Doyle Sanders
Jake Sanders
Jordan Sanders
Justin Oliver
Matt Ballard
Robert Cleveland
Cristian Colón
Jacob Ellis
Jeff Fowler
Miker Irick
Curtis Mayo
Josh Restuccio
Lindsey Sanders
Matthew Stafford
Josh Yarbrough

Give Us a Call

(901) 475-0275
61 Atoka-McLaughlin Dr.
Atoka, TN 38004

About SandStorm IT

SandStorm IT is a team of committed professionals who are dedicated and excited to solve your technology needs.  We accomplish this through understanding your business and then applying the appropriate technology solutions to meet the needs.

Our breadth of experience with information technology covers a range of diverse skill sets such as server setup and configuration, network and firewall solutions, VoIP telephone systems, web and database hosting, custom web application programming, mobile development, and IT security practices and policies.

SandStorm IT has the desire, expertise, and commitment to bring your vision to life.

  • Services
  • Technologies
  • Pricing
  • Work
  • About
  • Blog
  • Contact
  • Help Me
Authorized Solution Provider