North Wales Management School - Wrexham University

Spotting and preventing phishing attacks

Posted on: July 6, 2021

Phishing is one of the oldest types of cyberattack, dating back to the 1990s when a group of hackers tried to trick AOL users into giving up their login information. To this day it remains one of the most widespread causes of data breaches, and phishing scams have only become more sophisticated.

Though we all understand the importance of keeping our personal data safe through cybersecurity and staying vigilant to suspicious activity, scammers are often still able to find success.

What are phishing attacks?

Phishing campaigns are a type of social engineering attack deployed to steal sensitive data from users, such as login credentials, credit card numbers and bank account details.

Cybercriminals pose as a trusted sender and dupe the recipient into opening a spoofed email. Once it is opened, the recipient is encouraged either to click a malicious link, which installs malware on their machine or leads to a page that harvests their personal details, or to download an attachment that looks like a Microsoft Office document but contains ransomware.

Phishing emails remain a popular form of cybercrime decades after they originated because they can be sent to millions of users at a time, to both personal and professional email accounts. While organisations may have more effective email security and spam filters in place, if a business network does succumb to an attack the organisation will likely suffer severe financial loss and a potential decline in market share and consumer trust.

Types of phishing attacks

The term ‘phishing’ typically refers to attacks via email, though phishing can also occur through social media, both through direct messages containing malicious links and through links a hacker shares on a friend’s page. There is also ‘smishing’, which uses text messages instead of email.

Another form of cyberattack growing in frequency is ‘vishing’ – voice phishing – which aims to trick victims into giving up personal details over the phone. Although many of these calls have an automated voice at the other end, elderly and technophobic people who have no experience or understanding of these scams are most at risk. This kind of cyberattack is becoming increasingly common: in 2018, scam calls represented almost 30% of all incoming mobile calls. Though the phone number shown for a suspicious call may seem plausible, caller IDs are easy to fake.

Spear phishing is an attack that targets specific individuals, often a person within a business. Information is gleaned from a site like LinkedIn to build up knowledge of an organisation and its employees, and a fake email address may be set up to look like it belongs to the victim’s colleague. These attacks are carried out for financial gain, often requesting bank transfers or including falsified invoices.

How are phishing attacks created?

Phishing kits are readily available on the dark web, along with mailing lists compiled from the data breaches that earlier organisational phishing scams produced. The kits make it easy for cybercriminals to build phishing campaigns, even for those with minimal technical skills, especially as some kits include ready-made spoofed emails for trusted brands.

Here is how phishing kits are created:

  • A legitimate website is cloned
  • The login page of the website is changed to point to a credential-stealing script
  • The modified files are bundled into a zip file, creating the phishing kit
  • The kit is uploaded to a hacked website and the files are unzipped
  • Emails are sent to victims with malicious links pointing to the new spoofed website and login page

How common are phishing attacks?

In 2020, IRONSCALES conducted its own research to assess and analyse the severity of phishing scams. Its researchers spent the first six months of the year identifying fake login pages on malicious websites, created to gather usernames and passwords from the victims of scammers. These login pages are made to look like those of popular companies, and links to them are embedded in phishing email campaigns.

They discovered more than 50,000 fake login pages, with over 200 of the world’s most prominent brands being spoofed. Recipients at the highest risk of receiving a phishing email containing a link to one of these webpages worked in the financial services, healthcare and technology industries, and government agencies.

Of the 50,000 fake login pages found, these were the brands attackers used most often:

  • PayPal: 22%
  • Microsoft: 19%
  • Facebook: 15%
  • eBay: 6%
  • Amazon: 3%

As well as these, brands such as Apple, Netflix and Tesco had also been used on the spoofed login pages the company discovered, suggesting there is no sector untouched by spoofed emails.

Additional research has suggested that one in every 99 emails sent is a phishing email, and that 75% of organisations around the world experienced some kind of phishing attack in 2020. Another 35% experienced spear phishing, and 65% faced business email compromise (BEC) attacks.

How to prevent phishing attacks

The National Cyber Security Centre sets out a four-layered approach to reducing the chance of suspicious emails and phishing messages reaching a business’s employees, and to limiting the damage when they do. It recommends that organisations:

  • Make it difficult for attackers to reach users – implement anti-spoofing controls and filter or block incoming phishing emails
  • Help users identify and report suspected phishing emails – carry out security awareness training to help users spot phishing emails, review processes that could be mimicked or exploited, and create a positive environment for users to seek help
  • Protect the organisation from the effects of undetected phishing emails – protect accounts with increased security and two-factor authentication, protect users from malicious websites by using a proxy server, and protect devices from malware
  • Respond quickly to incidents – define and rehearse an incident response plan and detect incidents quickly by encouraging users to report any suspicious activity
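A defender-side illustration of the first layer (anti-spoofing controls and filtering), added here as an example and not taken from the NCSC guidance or the original post: a small Python triage routine that reads the SPF, DKIM and DMARC verdicts a receiving mail server records in the Authentication-Results header, compares the sender domain against look-alike spellings of the organisation’s own domain, flags a Reply-To that diverts replies elsewhere (the spear-phishing pattern described above), and looks for the payment-pressure wording those attacks rely on. The organisation domain example.com and both sample messages are constructed assumptions.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Hypothetical domain of the organisation being protected; the page names none.
ORG_DOMAIN = "example.com"

def auth_results(msg):
    # spf/dkim/dmarc verdicts recorded by the receiving mail server (layer 1: anti-spoofing controls)
    header = str(msg.get("Authentication-Results", ""))
    return {m.lower(): r.lower() for m, r in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I)}

def normalise(domain):
    # collapse common look-alike substitutions so 'examp1e.com' compares equal to 'example.com'
    return domain.lower().replace("rn", "m").translate(str.maketrans("013", "ole"))

def sender_domain(msg, field):
    return parseaddr(str(msg.get(field, "")))[1].rpartition("@")[2].lower()

def triage(raw):
    # returns a list of findings for one raw message; an empty list means nothing was flagged
    msg = email.message_from_string(raw, policy=policy.default)
    findings, results = [], auth_results(msg)
    for mech in ("spf", "dkim", "dmarc"):
        if results.get(mech) != "pass":
            findings.append(f"{mech}={results.get(mech, 'missing')}")
    domain = sender_domain(msg, "From")
    if domain != ORG_DOMAIN and normalise(domain) == normalise(ORG_DOMAIN):
        findings.append(f"look-alike sender domain {domain}")
    reply = sender_domain(msg, "Reply-To")  # spear phishing often diverts replies elsewhere
    if reply and reply != domain:
        findings.append(f"reply-to domain {reply} differs from sender")
    if re.search(r"\b(urgent|bank transfer|invoice)\b", str(msg.get("Subject", "")), re.I):
        findings.append("payment-pressure wording in subject")
    return findings
# Constructed sample messages, not real captures.
LEGIT = """From: Finance Team <finance@example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
Subject: Monthly report

Attached is the report.
"""
SPOOF = """From: Finance Team <finance@examp1e.com>
Reply-To: payments@mail.attacker.invalid
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=examp1e.com; dkim=none; dmarc=fail header.from=examp1e.com
Subject: URGENT: bank transfer for invoice 4471

Please pay today.
"""
```

Running `triage(SPOOF)` lists all six findings while `triage(LEGIT)` returns an empty list; in practice the findings would feed a quarantine or user-warning decision in the mail gateway.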

On a personal level, individuals can protect themselves from phishing scams by not clicking links or opening attachments in suspicious emails, and by never giving out personal information to a cold caller over the phone.

Want to learn more about phishing attacks and cyber security?

Phishing attempts are becoming more and more common, and so there is an increasing need for cyber security specialists in the modern workplace.

Whether you already work in IT and are looking to increase your specialist knowledge in keeping businesses safe from data breaches and protecting sensitive information, or you are looking to change career path and have what it takes to keep phishing scams at bay in an organisation, the MBA Cyber Security at the North Wales Management School is for you.

Study part-time and fit your studies around your life as you gain skills and knowledge that are highly sought-after in today’s job market.