E-mail cyber attacks are on the rise.
According to a case study, Google has registered over 2.1 million phishing sites as of January 2021. This is up by a staggering 27% in a little over 12-months and has become an increasingly common day-to-day struggle for businesses affecting over 75% of organizations worldwide.
In Q1 and Q2 of 2020, scams related to COVID-19 have significantly caused the ramp-up resulting in an increased percentage (112%) of incidents involving payment and fraud. These cyber-attacks trigger business data breaches that result in severe consequences that include reputational damage, financial losses, loss of consumer confidence, and loss of company value, among others.
For individuals, phishing and malware attacks lead to devastating results that include identity theft, unauthorized online purchases, and embezzlement.
"Humans shouldn't be the last line of defense. That's why organizations need to invest in technology and other solutions to prevent successful phishing attacks." – Tessian article
The first thing to know whether your system has been attacked by a phishing email or BEC (Business Email Compromise), or infected with malware is to know how to recognize one.
What are the signs my computer is infected with malware? How do I protect myself from malware?
Phishing emails and text messages
A cyber threat study proves that 96% of phishing attacks are delivered via email, 3% through malicious websites, and 1% via phone or text messages. Phishing attacks may look like coming from an individual or company you know and trust, it even uses a logo and header. While, at a glance, email scams might look real but will trick you into clicking a URL link or download attachments that allow scammers to gain access to your information and commit fraud. This is detrimental to the reputation of individuals and businesses.
E-mail spam filters do well in blocking unwanted and unsolicited messages from reaching your inbox. However, as machines can never take over man, scammers can outsmart spam filters. Adding extra layers of protection makes it a smart idea to protect yourself from phishing attacks. Some protective steps you could take are installing security software on your computer, setting your mobile phone software to update automatically, using multi-factor authentication, and creating backups of your data.
Spear phishing is a more in-depth version of phishing that is targeted at a specific person or organization. It requires special knowledge about an organization, including its power structure and even names of employees. The cyber attacker takes advantage of these by impersonating an employee of an executive-level position, e-mails another executive officer with a spoofed version of a sensitive document, then steals the victim's credentials, gaining full access to the organization's network.
Spear phishing is said to be the primary intrusion vector for about 65% of active cybercriminals. Just last year, the IRS pointed out that a 400% surge in spear-phishing was against company CEOs.
Some tips for avoiding a spear-phishing attack include being skeptical about potential email scams, keeping your security software updated, being smart with your passwords and changing them regularly, and implementing a company-wide data security strategy.
Whaling or BEC (Business Email Compromise)
Business Email Compromise (BEC), also referred to as "whaling," is essentially spear phishing but on bigger targets. This type of cyber attack scheme allows hackers to pose as a high-level executive or influencer, such as a CEO or CFO, and send an email message to a broader group of potential victims or employees who have the potential to authorize and execute a financial transaction. Scammers use the intel they find on the internet to trick employees or another "whale" into transacting a vendor payment, wire transfer, or direct deposit.
Avoiding a whaling attack is just as critical as avoiding a standard phishing attack, only on a bigger and high-value scale. Educating employees about whaling attacks, how to identify and handle them can significantly protect the company's reputation. Establishing a multi-factor verification process for all sensitive data and financial transaction requests is a major letdown for cyberattackers. Implementing data protection and security policies will also help prevent significant risks and losses.
"Copyright infringement" scam messages
Beware of any email message informing you that "copyright infringement" has been detected in your business website images and publications. It may be a neatly disguised phishing scam many have fallen prey to. (Do not use images that you find on the internet on your website. Use only copyrighted images that you paid for and have documentation that you've done so).
While a business website may not contain too much sensitive and exploitable data, a hacker uses a "copyright infringement" scam message to redirect the recipient to visit the attached URL link to "provide feedback." Clicking through redirects the victim to a seemingly legit page (upon first glance), especially when viewed on a mobile device. The user will be prompted to provide a username or e-mail address and password which are likely the scammer's true target. As most people do, even executives and business professionals, email accounts are most commonly used for identity verification when recovering passwords for all kinds of other accounts, including social media.
Some of the best ways to avoid falling victim to this type of scam are, first, to be aware of it, always be on the lookout for spelling and grammar mistakes, and never click through any site link that appears to be an official page but not hosted at a trusted official domain name.
If you may have clicked through a scam link and lost access to your email account, inform your company IT department and/or e-mail administrator right away.
You are spamming or "spoofing"
You may get some complaints from your friends and family that they received spam messages and links via social media or email from your email address. E-mail messages from sender accounts that seem to be legitimate ones could trick victims into believing that malicious emails they've been receiving are from known and trusted sources. Getting your inbox filled with bounce-back email messages you don't remember sending can be annoying. That is most likely because your computer is infected by malware. Hence, your email account has been compromised or "spoofed."
However there is no way to completely prevent spammers from "spoofing" your email address, it is always smart to run malware scans regularly and keep your security software updated. This will keep you and your business protected. Warn your family and friends about any suspicious messages they might receive that seemed to be spam. Changing or resetting your passwords and enabling multi-factor authentication across all your devices also help reduce the risks of any digital intrusion.
Ransomware is an encrypting malware that allows the cyber attacker to lock important data of a user, network, system, or software, taking advantage of the victim's vulnerabilities, and then demands a payment to unlock and decrypt the data. Hence, the term "ransomware."
Over 93% of healthcare organizations experienced a cyber attack in the past three years costing millions, if not billions of financial damages. For businesses at scale, a cost prediction is believed by over 70% of security executives to be at a high decline rate for the fiscal year 2021. An estimated ransomware damage cost is said to rise to $20 billion in 2021. The United States, having been one of the higher numbers of internet-connected populations, has had ransomware infections up by 18.2% to date, according to Symantec.
There are thousands of strains of ransomware, some of the most common ones to be on the lookout for are WannaCry, Cerber, Locky, Cryptolocker, Ryuk, NotPetya, and Petya, and GrandCrab.
To prevent or reduce ransomware damage, you can prioritize remediation by quickly identifying overexposed sensitive data and global groups, lock down access controls that cyber attackers exploit, and make a complete data-driven recovery of everything that was encrypted.
There are several causes of your computer slowing down. Your computer may be running out of RAM or hard drive space, or it may have damaged hardware. However these are typical signs to be on the lookout for, there are symptoms that you should be aware of when dealing with a potential malware attack. This includes sluggish startup and computing performance, unexpected behaviors, excessive pop-ups, and frequent crashes (even "Blue Screen of Death") that can lead to disruption of data and programs to which malware has infected itself.
Pop-ups, banner ads, websites, toolbars, and other unwanted programs
Cybercriminals behind some of the most damaging data breaches utilize e-mail, text messages, and suspicious pages. An example would be those where users are asked to answer survey questions to click a URL link or e-mail attachment to access a website service or install free bundled applications filled with malware.
While inherently harmless, it is strongly recommended to never click any link in a pop-up, banner ad, or suspicious website. Just close them instead by clicking the "X" on the upper corner, run a malware scan, and update your web browsers.
Cybercriminals have many attack tactics to exploit, among which have much to do with emails. As e-mail attacks are a significant threat, organizations and individuals must implement steps to learn about them and secure access to e-mail systems to avoid infection of malicious contents and attachments. Remember that no matter how small a breach might be, phishing and malware attacks inevitably lead to business disruption.