June 10, 2016

Posted in:

How to Identify a Phishing Attack

How to Identify a Phishing Attack

Phishing is a form of social engineering representing one of the most common security threats. The root purpose of the attack varies from gaining access to passwords, credit cards or other sensitive information to using email, social media, phone calls and any other form of communication to attempt to steal valuable data.

Although many organizations work hard to protect against phishing, even security-focused companies like Edge may receive a threat like a spear phishing campaign. It’s crucial for you to learn how to identify a phishing attack to protect your organization.

Spear Phishing

In a phishing attack, an email is designed to appear like it’s coming from a trustworthy source (organizational leadership, government, HR, bank, etc.), often with the intention of convincing users to click on a maliciously embedded link. Spear phishing, however, is when a hacker will research an intended target and include details that make the email seem more credible. The details may, for example, reference a corporate social event from the previous month that was published on a public website or be “from” a CEO asking the finance department to prepare a check.

How Can I Identify a Spoofed Email?

The answer isn’t always simple, but if your gut is telling you something doesn’t look right, you should probably listen. Consider the sample in the image below.

Phishing Attack

Just recently at Edge, some of our employees received a message supposedly sent from an “edgewebhosting.net” email address, which isn’t in routine use anymore—that’s red flag number one. Next, there was a very generic subject—that’s red flag number two. Another thing to consider is context—does this seem like the type of email content you would expect from this sender (the CEO)? Also, it was sent to the same recipient at two different addresses, which is strange, depending on context. And lastly, why was the email tagged as High Importance?

The final straw here is the “reply-to” address. As you can see below, this message was set to reply to an unknown mailbox. Definitely a red flag!

Phishing Attack Example

One of the things that makes phishing attacks tricky is that the malicious email can be distributed by harvesting the email address books of compromised computers. When that occurs, the email may appear to have been sent by a known and trusted source. All it takes is one user to take the bait, and then you’ve had a compromise.


Final Thoughts

Awareness is a major component of staying safe in today’s environment. A company’s users have the ability to be the biggest threat vector, but they can also be the best defense when it comes to detecting, reporting and defending against phishing attacks.

Be the defense, not the threat!

If you have any questions, please let us know. We’re here 24/7 for you!

Go back