Phishing: What Is It and Why Does It Matter?

When you picture fishing, you may conjure up tranquil mental images of a little wooden boat on a peaceful lake with mountains sprawling throughout the surrounding areas. But phishing, on the other hand, is a far cry from such serenity.

By now, you've likely heard of phishing in some capacity; you may even know someone who's fallen victim to a successful attack. But, what is it, what should you look out for, and what should you do if you get caught on the hook of a hacker?

What is Phishing?

In simple terms, phishing is when an attacker attempts to lure a user into doing - or clicking - on something that they want. Typically, this is in the form of a bad link that can install malware on their machine or direct them to a malicious website.

These days, attempts can occur via social media, text message or phone - however, the most common form of such attacks is through email. Usually, there aren't any specific targets with phishing attempts - a lot like actual fishing, the 'phishermen' (if you will) cast their bait into a general direction and hope for a nibble. 

Once you're on the hook, they can install malware, sabotage your systems, or even steal intellectual property and money. Organisations of any shape and size aren't safe either - a simple Google search for 'phishing attacks' can attest to that.

Equally, there is a more targeted version of a phishing attack. Here, as the NCSC says, "the attacker may use information about your employees or company to make their messages even more persuasive and realistic", something that is referred to as spear phishing.

Why is it Relevant?

The ongoing conflict in Ukraine has led experts from Google's Threat Analysis Group (TAG) to issue a warning. A post on their site reads, "Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open malicious emails or click malicious links."

When a subject dominates headlines globally in such a fashion, it's only natural to expect to see relevant links, posts and emails about it. However, it's imperative to exercise caution on all levels when browsing online - or risk paying the price.

Things to Look Out For

Phishing attempts in their infancy were clear to spot - however, now they're getting increasingly harder to identify.

Cofense has put together a handy 10 step guide for things to look out for in a phishing attack. They are:

• An Unfamiliar Tone or Greeting
• Grammar and Spelling Errors
• Inconsistencies in Email Addresses, Links & Domain Names
• Threats or a Sense of Urgency
• Suspicious Attachments
• Unusual Request
• Short and Sweet
• Recipient Did Not Initiate the Conversation
• Request for Credentials, Payment Information or Other Personal Details
• See Something, Say Something

How to Stay Safe

As mentioned earlier, phishing attempts can look indistinguishable from a genuine email. But the best form of defence is to be sceptical of everything that comes into your inbox.

The level of your defences - and optimising things such as 2FA - can be the difference between an incredibly costly phishing attack and a close call.

You should apply common sense and operate with more than an air of scepticism in some situations - for example, don't transfer a hefty sum of money because an email has asked you to. Pick up the phone and call your CEO or whoever is requesting the transaction and confirm it's genuine - or better yet, ask them in person. Hackers make a living out of exploiting people - don't be their next victim.

If you spot something that doesn't look right - or you know is a phishing attempt, report it to the NCSC here.

What Happens if You Click on a Bad Link?

Sometimes, the worst can happen, and you might click on a malicious link. What should you do if this happens?

• Report it to the appropriate people within your organisation straight away. If you work with an MSP, alert them immediately too. That way, they can be alert for any suspicious or unusual activity.
• If you have access to sensitive company information or financial accounts, they may be compromised. Contact your bank immediately and consider closing the account(s).
• Equally, watch for any unauthorised charges appearing on your accounts.
• Depending on the nature of your organisation, you should consider reporting the attack to your local police department.
• If you're in England, Wales or Northern Ireland and have lost money - or been hacked by a phishing attack - visit www.actionfraud.police.uk or call 0300 123 2040. For those in Scotland, report it to Police Scotland by calling 101.

The Final Word

If you're worried that your network has holes that could be laid bare by a phishing attack, why not get in touch with an MSP such as Fifosys and hear more about how we can help?

With 24/7/365 defences and state of the art monitoring, you can rest in the comfort of knowing that your systems are safe from malicious outsiders. We're only a phone call away.