Phishing attacks are increasingly intelligence-based, and many people are still facing these dangerous scams every day.
In just one click, you could lose money or business information.
This blog will educate you about three new phishing attacks to watch for, how the scams operate, and some simple hints that you can use to protect you and your business from being phished or losing significant business information.
PayPal Phishing Scams
Some versions of PayPal fishing scams have arrived. This can be uniquely insidious because PayPal (depending on your settings) is usually linked directly to a user’s bank account and/or debit card. Therefore, if a bad actor finds their way into your PayPal account, they could exploit you.
Ultimately, these phishing scams usually employ a sense of urgency or fear, like “Click here to confirm your email, or your account may be locked.” They also mention a new feature you “must act now” to continue using.
Any phishing attacks of this description will generally end in the victim clicking on a (fake) login page of PayPal that looks like PayPal but simply intends to steal access to the users credentials and abuse them before they change their password.
Some of the similarities between these (new) PayPal phishing scams include:
They are (generally) coming from email Secure(at)intl-limited(dot)com or a similar variation
The (general) messages indicate that either your account is limited, is now being limited, or that there has been “unusual activity” on your account
You can view some examples at Malwarebytes.
Netflix Payment Phishing Scams
Netflix’s success has made the brand a target for phishing scams that impersonate the platform.
As a part of the phishing scams, individuals will receive an email that may potentially impersonate the Netflix logo and signature and state that their monthly Netflix payment has failed to go through.
The email will contain a link that sends the individual to a fake login page and ask them to resubmit their credit card.
Scammers are extremely talented at impersonating any type of company, and the legitimate Netflix customer service email has also been impersonated.
While the page may look like a Netflix page to the unsuspecting eye, those who are attentive as they arrive on the login page will see the difference in the domain address.
Unfortunately, this is a great way that criminals are able to capture credit card numbers (and they will just continue to do this and variations of this).
Phishing Scams Using a New Email Attachment Stealer
A large botnet recently began distributing a new class of malware that is designed to search for and ingest any email attachments contained in a person’s inbox, mail folders, or sent folder.
Phishing scams typically use fake invoices and manifests to encourage people to download a document that is infected with malware.
The specific exploit is a QakBot payload that contains the ProLock ransomware strain. This new malware is also designed to steal email file attachments.
Related: Using Multi-Factor Authentication (MFA) to Avoid Data Breaches
The compromise occurs when the compromised files are opened on the victim’s machine. Once openly the malware is launched and searches the email folders for email attachments and recycles that data for theft and tablespoons into future phishing email attachments.
By using a real document (one that any person might recognize in your organization), it improves the phishing scammer’s chances of knowing that the user opens the attachment.
Criminals behind safeguarding phishing attacks find lists of entire organizations quickly and easily via LinkedIn and sometimes other sites and can then launch targeted personalized spear phishing attacks against the organization using what they feel is some legitimate company document attached to an email.
How Attackers Are Evolving Phishing Tactics
Cybercriminals have already seen more phishing attacks and they had to use well-established methods that allow them to change how they execute phishing attacks. Now they have AI-generated phishing emails, deepfake audio within phishing emails and fake websites that are perfect clones of legitimate ones.
They could create a takeover email that uses your information that they stole, and are now able to create phishing scams that are more difficult to detect. They also use different areas of incursion that are still emergent such as QR codes, social media, and mobile messaging applications. The sort of cyber threat and risks are ever-evolving, and organizations must remain focused on comprehensive cybersecurity training and vigilance.
Phishers are getting more strategic and sophisticated, and that means that businesses and individuals must stay proficient with new trends with phishing and have a wide array of tools and tactics that would help detect this new threat prior to becoming a victim.
Best Practices to Protect Against Phishing Scams
In short, defending against phishing is a two-pronged approach to be a success; on one side we ensure use of software to stop phishing emails before it lives in the end-users inboxes.
The other side is to continually train employees on phishing awareness so that when an email that is phishing to see, they know what to look for and will not fall victim, which means teaching them tactics such as:
Hover over a link prior to clicking to see the link which is the actual URL that you are going to go to
Never visit a website (PayPal, etc) by clicking the link in the email, rather open a browser and visit the page directly
Be thorough and vigilant about checking both URLs and the “From” email addresses for forgery
Ask yourself, “Is it expected?” If not, it is probably some sort of fraud involving you and act accordingly
In the case of blackmail, if you have a suspicion on a suspicious email, it is prudent to confirm this suspicion with an IT person before you take any action.
Steps to Take If You Fall Victim to a Phishing Attack
The only way to limit damage is by taking action quickly, and by doing it for all devices that could potentially have a data leak from it. Immediately change those potentially compromised passwords and always implement two-factor authentication, where possible.
If there is sensitive information or money involved, notify your bank, employer or financial institution. Notify your IT department or a cybersecurity professional, so they can diagnose for malware and secure your device.
By reporting the phishing email attempt, you can help to limit or prevent others from falling victim to the same victim, or through the same channel of exposure.
Keep Your Devices Monitored & Protected from Phishing Attacks
Don’t risk losing all the data or getting your finances breached due to a phishing attack. With detailed cybersecurity solutions, RCOR can secure your business and your users.
Call us to book a cybersecurity consultation today. Contact us online or call 919-263-5570.