How to detect and prevent phishing attacks (2022)
Learn about phishing detection and steps your business must take for phishing prevention. Read phishing prevention tips and ways to stop phishing emails.
What’s on this page
- Phishing attacks in numbers
- Who are the main targets of phishing attacks?
- Phishing damage affects your business bottom line
- How does phishing work?
- What does a phishing email typically look like?
- Measures for preventing phishing attacks on your business
- Other threats to look out for
- How Email became the biggest business security risk (infographic)
The number one threat facing businesses today isn’t viruses and hackers, but phishing attacks. This article will teach you how to detect and stop phishing emails, and prevent malicious actors from hurting your business.
Let me ask you this: how proactive and alert are you when it comes to phishing detection and prevention? How well protected do you believe your business is from cyberattacks?
Phishing attacks in numbers
- 65% of companies in the United States were successfully phished this year.
- 84% of all small to medium businesses (SMBs) were targeted by phishing attacks this year.
- 65% of SMBs have never even run a phishing email test before.
- 60% of small businesses fail to recover and eventually fail six months after any cyberattack or data breach.
- 86% of email attacks don’t even involve malware.
- 32% of all data breaches are because of phishing.
- $1.6 million is the projected cost of damage done by a phishing attack for a medium-sized company.
Experts agree that the situation will get worse before it gets better. The recent surge in phishing attacks during the COVID-19 pandemic is proof of that.
It’s easy to launch a startup these days, and most entrepreneurs don’t have the cash flow or the security awareness to defend their fledgling companies from attackers.
Who are the main targets of phishing attacks?
If your business falls into one of the categories that fraudsters find most “appetizing” (listed below), then security measures must be implemented as a matter of priority.
- Companies using SaaS (33.5%)
- Financial companies (19.4%)
- Users of payment services (13.3%)
- Social networks (8.3%)
- E-commerce (6.2%)
Small businesses are being targeted most
There’s a misconception that small businesses are not targeted by cyberattacks as much as big businesses because large companies have more money and more valuable products.
In fact, the opposite is true: small businesses are the more attractive targets because most have limited resources and few experienced employees who know how to deal with an attack, making them sitting ducks. Hackers often use phishing attacks to exploit vulnerabilities in smaller companies with little to no budget for cybersecurity.
Phishing damage affects your business bottom line
Phishing affects your bottom line; there is no question about it. The question is how much damage you should expect to suffer. You have to answer this in order to assess the measures you need to take to defend against this nasty cybercrime.
If your security solution is sub-standard or non-existent, then you’ll surely fall prey to cybercrime and scams that can cause substantial losses. Viruses and trojans are the de facto faces of cybercrime; however, phishing scams are the real problem to watch out for.
Phishing is a lot scarier than regular malware because anyone can do it. Cybercriminals don’t need to write complicated code or use specialized tools to launch a phishing campaign, plus they’re easy to run and almost impossible to trace.
Most businesses rely on computers that run Windows, which has historically made this operating system a bigger target than alternatives such as Linux or macOS. Windows is therefore perceived as especially susceptible to malware.
We advise not to rely on the perceived security of any OS. Whichever your OS, make sure you are adequately protected and that you have not already been infected. As soon as you can, have all your employees check their PCs for infection and check their Mac for viruses and malware.
How does phishing work?
Phishing is a type of cybercrime where a target gets tricked into providing sensitive data such as banking details, credit card numbers, passwords, and personally identifiable information.
Criminals impersonate legitimate organizations and contact their targets by phone, text message, email, or a combination of all three if they have enough of the victim’s details. The victims are then duped into clicking a malicious link that installs spyware, ransomware, or other malware on their computer.
Other phishing tactics use fake websites or documents that visually resemble an authoritative resource, for example a page that mimics your bank’s online banking login, where you enter your profile data, payment details, or personal information.
Your stolen information can be sold to a third party or used to access critical accounts that can lead to identity theft, account takeover, and consequential financial loss.
Sure, a quick email address search can tell you whether the sender is legitimate, but not many people are aware of this check, and you need every employee to know it in order to defeat phishing emails.
What does a phishing email typically look like?
A perfect example of a phishing attack is getting an urgent email from a leading bank or credit card company, alerting you that there was a data breach and you need to secure your account, or it will get frozen.
The attackers are banking on the chance that you have an account with that particular bank or credit card company.
Receiving an urgent email can drive most people to panic, so they follow the instructions on the email and click the link or download the attachment, and that’s the beginning of the end.
Victims have no clue that they’re entering their credentials into a fake website controlled by the attacker or downloading malware into their computer.
Phishing attempts will typically take one of the following forms:
- Modified URLs: URLs that visually duplicate the real company’s URL but differ by a single letter. Be careful and make sure a link is authentic before following it.
- Fake phone calls or emails: Fraudsters call or write on behalf of a company representative and demand personal information. Never share this information with anyone until you are sure you are not dealing with scammers.
- Malware embedded in an email or a link: This is one of the most common hacks. Do not follow dubious links, and use only trusted, certified programs to avoid intruders’ tricks.
- Fake order pages: Scammers can fake a store’s order page and collect your personal data.
- Suspension of PayPal accounts: This is a method criminals use to take over your accounts and spend your money for their own purposes. They often send messages from fake mailboxes and try every possible way to find out information about your accounts and any other data that would let them spend your money. If a message seems suspicious to you, do not reply to it; contact the company’s real representatives instead.
Measures for preventing phishing attacks on your business
The sooner you take the necessary precautions to protect your business from phishing attacks the better. If the following steps are still not in place in your business then you are most likely open to malicious attacks.
That said, phishing attacks constantly evolve to bypass protection best practices, so your IT professionals or IT provider must stay up to date and continually tighten and upgrade your security.
Let’s take a look at the phishing prevention you can and should apply in your business.
1. Phishing Email Detection
All employees in your business must know how to detect a phishing email. There are ways to dissect an email to check if it’s from a legitimate sender or not.
An email address search can trace the email back to its source, for instance, and if the sender’s domain doesn’t match the organization named in the message, you can bet that it’s a phishing attempt.
Phishing emails don’t address the target by their name and can start with a generic greeting such as “Dear Valued Customer” – a telltale sign that the email is from a scammer.
Phishing emails also use fake or spoof domains that either mask the real domain or use one that reads like the original (Gooogle, Mircosoft) to trick the target into thinking it’s legitimate.
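The three checks above (sender domain vs. the organization named in the message, a generic greeting, and a lookalike domain such as Gooogle or Mircosoft) can be automated. The script below is an added example written for this article, not code from the original page or from any vendor; the brand-to-domain allow-list, the list of generic greetings, and the two sample messages are constructed for illustration, and the edit-distance threshold of 2 is an assumption you would tune for your own brands.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumption (not from the article): a short allow-list mapping brand names to the
# domain that brand really sends from. A deployment would load this from configuration.
KNOWN_BRANDS = {"google": "google.com", "microsoft": "microsoft.com", "paypal": "paypal.com"}

# Generic openings of the kind the article calls a telltale sign.
GENERIC_GREETINGS = ("dear valued customer", "dear customer", "dear user", "dear account holder")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to spot near-miss domains like gooogle or mircosoft."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def lookalike_brand(domain: str):
    """Return the brand a domain imitates, or None if it is a real brand domain or unrelated."""
    if domain in KNOWN_BRANDS.values():
        return None
    label = domain.split(".")[0]
    for brand in KNOWN_BRANDS:
        # Either the brand name is embedded ("paypal-billing") or it is a typo away ("mircosoft").
        if brand in label or edit_distance(label, brand) <= 2:
            return brand
    return None


def analyze_email(raw: str) -> list:
    """Return human-readable phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    display_name, address = parseaddr(msg.get("From", ""))
    from_dom = sender_domain(address)

    # 1. The display name claims a brand but the address is not that brand's domain.
    for brand, legit in KNOWN_BRANDS.items():
        if brand in display_name.lower() and from_dom != legit:
            findings.append(f"display name mentions {brand} but sender domain is {from_dom}")

    # 2. The sender domain itself is a lookalike (Gooogle, Mircosoft).
    brand = lookalike_brand(from_dom)
    if brand:
        findings.append(f"sender domain {from_dom} looks like {brand}")

    # 3. Replies are steered to a domain other than the one that appears to send.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and sender_domain(reply_to) != from_dom:
        findings.append(f"Reply-To domain {sender_domain(reply_to)} differs from sender domain")

    # 4. Generic greeting instead of the recipient's name.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    first_line = text.strip().splitlines()[0].lower() if text.strip() else ""
    if first_line.startswith(GENERIC_GREETINGS):
        findings.append("generic greeting instead of the recipient's name")

    return findings


# Constructed sample messages (not real mail).
PHISH = """From: "Microsoft Account Team" <security@mircosoft.com>
Reply-To: recover@account-verify.example
To: bob@company.example
Subject: Urgent: your account will be frozen

Dear Valued Customer,

We detected a data breach. Sign in within 24 hours to keep your account.
"""

LEGIT = """From: "Alice Smith" <alice@partner.example>
To: bob@company.example
Subject: Tuesday meeting

Hi Bob,

Can we move the meeting to 3pm?
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("legit", LEGIT)):
        print(label, analyze_email(sample))
```

Run it as a filter on a mailbox export or hook it into a mail gateway's quarantine rule; every finding is a reason to show the user a warning banner rather than to silently drop the message, since a legitimate partner with an unusual domain will occasionally trip the lookalike check.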
2. Regular Employee Cybersecurity Training
Even if you’re aware that these threats exist online and know what to do when faced with a phishing attack, your employees may not.
Ensure that all your staff receives basic online safety and hygiene training to educate them on how to interact with ALL emails (don’t click on links or download attachments), regardless of origin.
You have to be strict about following security guidelines to the letter because one small mistake could mean a significant financial hit. It would also help if you could run regular cybersecurity drills dedicated to phishing attacks, so your staff would know what to do in any given situation.
Constantly reinforce people’s cybersecurity awareness:
One popular tactic is sextortion. It differs in that a person’s emotions, such as fear or panic, are used to push them into paying the ransom. Cofense discovered a sextortion botnet. In June this year, it held 200 million email addresses; soon afterwards their number increased by 330 million. It is therefore important to build people’s awareness. If you want to protect your business, be sure to pay attention to informing and training employees.
No technology can replace knowledgeable employees:
A large medical company was targeted by a phishing attack. However, reports from people about receiving suspicious letters allowed the security center to react quickly. The attack was stopped in 19 minutes.
3. Keep Your Operating System and Software Updated
Some phishing attacks still use malware that relies on unpatched operating systems or outdated software.
Ensure that all company devices are running the latest versions of their respective OSs, and that all software is patched and up to date. Media players, PDF viewers, and video conferencing programs in particular should be kept updated, because hackers often exploit these.
4. Conduct a Password Audit
Conduct an office-wide password audit to check and weed out weak and redundant passwords.
Enforce proper password policies that require a strong, unique password for every account that is not reused anywhere else. All an attacker needs is one password to break in and cause damage.
Invest in a password manager and make sure everyone is using the robust password generated by the program or a mix of three to four random words in a string.
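As an added example (written for this article, not code from the original page), the script below shows what an office-wide audit of the kind described in step 4 can check for: passwords that are too short, passwords that appear in a breached-password list, and passwords reused across accounts, plus a generator for the "three to four random words" passphrase the text recommends. The breached-password set and the word list are constructed stand-ins; a real audit would use a full breach corpus and a word list of several thousand entries, and the entropy estimate shows why the size of that list matters.

```python
import hashlib
import math
import secrets

# Constructed: a tiny stand-in for a breached-password corpus (a real audit uses a full list).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "welcome1", "letmein", "company2022!"}

# Constructed 16-word list; a production list needs thousands of words (see passphrase_bits).
WORDLIST = ["copper", "lantern", "meadow", "orbit", "velvet", "glacier", "tandem", "harbor",
            "ember", "quartz", "saddle", "thicket", "willow", "zephyr", "cobalt", "marble"]

MIN_LENGTH = 12  # assumed policy minimum


def audit(records):
    """records: iterable of (account, password) pairs gathered during the audit.
    Returns {account: [issue, ...]} for accounts that fail policy. Reuse is detected by
    comparing SHA-256 digests, so plaintexts do not have to be kept once hashed."""
    seen = {}      # digest -> first account that used it
    issues = {}
    for account, pw in records:
        problems = []
        if len(pw) < MIN_LENGTH:
            problems.append(f"shorter than {MIN_LENGTH} characters")
        if pw.lower() in COMMON_PASSWORDS:
            problems.append("appears in a common/breached password list")
        digest = hashlib.sha256(pw.encode()).hexdigest()
        if digest in seen:
            problems.append(f"reused from account {seen[digest]}")
        else:
            seen[digest] = account
        if problems:
            issues[account] = problems
    return issues


def passphrase(words: int = 4, wordlist=WORDLIST, sep: str = "-") -> str:
    """Random-word passphrase using the OS CSPRNG (secrets), never random.choice."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))


def passphrase_bits(words: int, wordlist=WORDLIST) -> float:
    """Entropy in bits: log2(list size) per word. A 16-word list gives only 4 bits per word;
    a 7776-word list (the common diceware size) gives about 12.9 bits per word."""
    return words * math.log2(len(wordlist))


# Constructed audit input (not real credentials).
SAMPLE_RECORDS = [
    ("mail", "Company2022!"),
    ("vpn", "Company2022!"),
    ("crm", "x7#Lq9!pR2wz"),
    ("wiki", "ember-orbit-velvet-glacier"),
]

if __name__ == "__main__":
    for account, problems in audit(SAMPLE_RECORDS).items():
        print(account, "->", "; ".join(problems))
    print("suggested passphrase:", passphrase(), f"({passphrase_bits(4):.0f} bits with this toy list)")
```

Note that the audit receives plaintexts only at the moment staff rotate their passwords (or via a password manager's own health report); do not build a process that collects and stores them.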
5. Enforce Multi-Factor Authentication on All Accounts
Ensure that every online account has multi-factor authentication enabled to add an extra layer of security that attackers can’t defeat without the device that holds the authentication code. You can use an authenticator app running on a smartphone or a physical authentication device.
Don’t rely on HTTPS:
A padlock in the address bar no longer guarantees safety. TLS (still often called SSL) is a protocol designed to provide an encrypted connection; it proves nothing about who is on the other end. Over the years, people have learned to distinguish HTTP from HTTPS and to visit only sites with a valid certificate. Today, however, fraudsters use the same encryption: by the end of the year, 74% of phishing sites had TLS or SSL.
6. Isolate and Backup Critical Components
Your company’s infrastructure has critical components that not everyone needs to have access to.
Some segments don’t even need to be online. It would help to isolate the crucial elements in your infrastructure as much as you can, such as restricting access to some servers and keeping entire systems completely offline.
Having redundant backups will also help get your systems back in case of a ransomware attack.
7. Make your site PCI compliant
If your site handles card payments, make sure it meets the PCI DSS requirements. This measure is not a complete guarantee of the site’s security, but it can stop a large number of fraudsters.
8. Create a secure connection
Use a VPN for work in public places and for remote work. This will help prevent information leakage and protect you from the malicious intent of intruders. A VPN encrypts your traffic to the VPN server and hides your real IP address from the network you are on, which makes using untrusted networks safer (I personally use this VPN service).
9. Install Web Application Firewall
A web application firewall (WAF) sits between the public Internet and your site’s server, often as a cloud service, and becomes the gateway through which all incoming traffic passes. This allows the WAF to inspect unwanted traffic and block hacking attempts.
Other threats to look out for
In addition to the more common phishing attacks, business sites must pay attention to protecting against other up-and-coming threats. The world of malware has a lot of threats within it, but the following two are especially worth noting: they are relatively new, and most businesses are not aware of them, so they are not adequately protected.
1. Malicious bots
Malicious bots are a relatively new attack method. Such bots are self-propagating and are created to perform certain actions or tasks. They first crawl (browse) the site, finding security vulnerabilities in the process. Then one of two things happens: the information is sent back to the bot master, or it is used to perform a specific action.
Thus, the security of your site may be at risk. By resorting to such attacks, cybercriminals most often pursue commercial goals. They can steal your customer base and sell to competitors, or blackmail you for a lump sum in return for nondisclosure.
There are many such attacks and there is no single solution to prevent or resolve them. It is therefore advisable to have a dedicated technical specialist on staff responsible for protecting your site. In the event of an attack, they will be able to respond quickly to malicious activity and minimize the damage.
2. Attacks on websites and programs via SQL injection (for example against MySQL)
The essence of this attack is getting access to the database. Fraudsters find loopholes in the back end of the site or web application and smuggle malicious code in as part of a request, where it is executed as SQL. Having done this, the fraudster gains not only access to but also control over the target’s database.
Most often, penetration is carried out in one of three ways:
- Errors in the e-commerce website;
- Security vulnerabilities in user code;
- Bugs in third-party modules.
For reliable protection against this type of attack, you must carefully monitor the SQL server. This will help you spot mistakes in time.
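The following added example (written for this article, not code from the original page) shows the loophole the section describes beside its fix: the same lookup written first by pasting user input into the SQL text, then with a bound parameter. An in-memory SQLite database is assumed as a stand-in for MySQL; the customers table and the classic tautology input are constructed, and the DB-API parameter style (`?` here, `%s` for MySQL drivers) is the only thing that changes between engines.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data standing in for an e-commerce customer table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_last4 TEXT)")
    conn.executemany(
        "INSERT INTO customers (email, card_last4) VALUES (?, ?)",
        [("ann@shop.example", "1234"), ("ben@shop.example", "5678"), ("cy@shop.example", "9012")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """Deliberately vulnerable: the input becomes part of the SQL statement itself."""
    sql = "SELECT id, email FROM customers WHERE email = '%s'" % email
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, email: str) -> list:
    """Hardened: the input is bound as a value, so the database never parses it as SQL."""
    return conn.execute("SELECT id, email FROM customers WHERE email = ?", (email,)).fetchall()


# The textbook tautology input; with string formatting it turns the WHERE clause into
# email = 'nobody@shop.example' OR '1'='1', which matches every row.
INJECTION = "nobody@shop.example' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal input :", lookup_vulnerable(db, "ann@shop.example"))
    print("vulnerable, tautology    :", lookup_vulnerable(db, INJECTION))
    print("parameterized, tautology :", lookup_safe(db, INJECTION))
```

Monitoring the SQL server as the section advises is still worthwhile: a query whose WHERE clause suddenly contains a quoted tautology, or one account reading every row of a table it normally touches one row at a time, is exactly what the server's query log will show. But the fix is in the application code, and parameterized queries remove the whole class of bug rather than one input.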
How Email became the biggest business security risk (infographic)
Having a modest organization doesn’t necessarily mean your attack surface is smaller or less appealing than that of a big company. Remember, phishing attacks can happen to anyone, and you can never assume that it won’t happen to you or anyone else in your organization.
The current pandemic that’s gripping the world right now has enabled countless scammers to ply their trade, and phishing attempts are up by a whopping 350% hitting both businesses and individuals with the same ferocity.
It would help to implement a proactive protection strategy that includes investing in cybersecurity & theft protection tools and employee security training on how to deal with phishing or other types of cyberattacks.
Having active security measures in place can help prevent attacks and mitigate the risks of a breach. Spending a little more on security now can save your finances and reputation in the future.