Keeping Your Inbox Safe, One Email At A Time
Keeping Your Inbox Safe, One Email At A Time

What is Phishing?

One of the main dangers to companies today is the loss of their private customer information and with that, the trust of their customers.

Phishing is the practice of pretending to be a trustworthy or familiar person or organization, to in order to have the victim take some action. 

Phishing attacks are happening all the time, too. According to Wombat Security’s State of the Phish 2018 report, 76% of organizations asked had experienced phishing attacks in 2017.

Sometimes these phishing attacks are trying to insert malware, steal information (passwords, bank account, company records), or encrypt a company’s (or individual’s) information in order hold it for ransom.

Regardless of the end goal, the starting point is an attempt to fool the victim into taking some sort of action that enables the attack.

We are seeing 3 basic types of phishing attacks currently:

  1. A catphishing (or what I call engagement) email. This is a precursor to the next two types of attacks. These are often a safe email to establish the sender as someone you know or trust. The actual danger will come in a later followup email as a link or malicious “zero-hour” attachment.
  2. Phishing via a link that takes you to a fake website to capture your authentication or identity info.
  3. Phishing via malware downloaded via a link or activated through an attachment to infect your PC.

The main thing to know about all phishing attacks is they start by fooling the user and they are usually easy to detect.

So, if you can:

  1. Educate the user about how to detect a phishing attack.
  2. Remind them to always check for phishing no matter who the email appears to be from.

Then phishing emails become much less successful for the phisher and less dangerous for you.

In order to encourage safer email practices and to help you protect yourself from phishing emails, we’ll be posting about some of the newest phishing techniques and how to spot them. We’ll also be discussing some of the most important features in Antespam’s Email Security Training and how they can benefit you, your employees, and your business.