Phishing attack is a term used to describe an attempt by which fraudsters pose as employees or large trusted businesses to extract information or cash from an individual or business.

Phishing attacks are on the increase and are now evolving from very generic emails with links that are easy to spot to very targeted attacks where emails look like they are being sent by internal employees.  This is making phishing attacks harder to defend against and it’s causing significantly more damage than ransomware and virus attacks where you can at least deploy well established tools to try and mitigate the risks.   The best defense from phishing attacks is education for employees and good support from your IT service provider on delivering that educational information to employees.

Functioneight itself has been the subject of a phishing attack know as a “Business Email Compromise” attack.   As an owner of an IT support business I like to think that I’m somewhat capable of spotting phishing emails, but must confess even I recently almost missed one.  Below is an email that I received and opened late in the evening just prior to going to sleep.

At the time I think Martin was travelling overseas so thought perhaps the requirement was urgent, so did in fact reply, to find out more information.  Only the next morning on receipt of the reply and a closer inspection of the return email address, which was not internal, did I realise that this was someone pretending to be Martin.    The larger the organisation the more susceptible you can be to this type of attack.  In fact, there have been some well documented cases of Facebook and Google being targeted in this way and losing in excess of $100 million.

1. Be very careful not click hyperlinks in especially to sites like Apple, Paypal and other trusted large organisations. This should apply equally to messaging software like Slack, Skype, Facebook and Teams as these platforms can also be subject to spoofing and in many ways are easier to infiltrate due to their more casual nature. If you are receiving links or it’s common to receive them in your work, then make sure you are confident of whom you are communicating with – if in doubt a phone call will usually be the safest way to check.
2. Look for spelling errors and poor grammar. Many of these attacks can originate in non-English speaking countries.  In fact, you can see from the example that I highlighted that the language is good but likely aided by a translation software.
3. Urgent requests should be treated with caution. This is a common approach with phishing attacks suggesting payment is needed urgently to prevent a legal action or losing a deal. It is often the case that people will be posing as the CEO or someone very senior in the organisation and they can use very aggressive or threatening language.  In this situation staff need to have the right support available and be rewarded for taking a patient approach to handling company information and assets.

If you need help with your cybersecurity, then contact FunctionEight today.  We can perform an audit of your current systems, at no cost, together with summary of recommendation on actions you can take to improve your IT security. f8.info@functioneight.com or call us on +852 2868 2855

This was written by Chris Young