There are several versions of the phishing attack but they generally follow a similar pattern. A victim is presented with an official-looking electronic communication (such as an email or webpage) that requests them to enter certain credentials, often an email address, credit card number or bank login. These credentials are then passed on to the author of the phishing scam for their use.
To give you a better idea of how this works, let’s walk through an actual scenario that recently happened to one of our customers.
Our customer is a CenturyLink customer so when she received an email from them relating to her email account she opened it. The message stated that her email account was approaching its storage limit and she should log in immediately to delete old messages or the system would delete them itself. The email appeared to be legitimate, it had the CenturyLink logo and appeared to come from an official email address. Our customer clicked the included link in the email in order to comply with the message but the page wouldn’t load. After trying several times, the customer contacted me to figure out why she couldn’t access the link in the email. When I examined the message, I immediately noticed several suspicious elements in the message, including some English translation errors. The most obvious sign that this message was counterfeit however, was the link. When I hovered the cursor over it the link was revealed to redirect to a malicious site, NOT a CenturyLink site. So why couldn’t the customer navigate to that site? Fortunately, our customer had purchased Emsisoft AntiMalware and it prevented her computer from accessing the site.
I later examined the link in the message and found it lead to a fake CenturyLink site where the victim would be required to enter their email address and password, as well as other personal information. Armed with these details, the perpetrators would have been able to access our customer’s email accounts and perhaps other secured information.
Emails are a popular vector for these attacks but they also appear on social media sites like Facebook, Twitter and Google+, or can be made to look like official websites like the IRS or your Internet Service Provider. So how can you protect yourself from these attacks?
1.Use a paid anti-malware product such as Emsisoft. Anti-malware software will help to mitigate the number of attacks as well as warn you of potentially dangerous sites. If you do receive a warning, don’t simply dismiss it. Instead, take the time to evaluate the first. If in doubt, check it out or simply give us a call!
2.Don’t mindlessly click on links! Hover your cursor over the link to see where it actually goes.
3.Don’t search for websites; type their address directly into the address bar of your browser. Typing a website into a search box (such as Google, IRS, or Yahoo) simply runs a search for the site. Since these are popular sites, it is very common to find fake links in the search results. Case in point: searching for the IRS on Yahoo brings results for irs.gov (the real Internal Revenue Service site) and irs.com which, according to their about us page “IRS.com is in no way associated with or endorsed by the United States Department of Treasury or the Internal Revenue Service. It is a non-governmental, privately owned website, operated by Banks.com, Inc.” Sounds like a great place to file your taxes, right?
4.Don’t succumb to social engineering. Social engineering is a form of psychological manipulation of people in order to gain the victim’s trust or access to secure information. An example of social engineering would be the Trojan Horse; from which we get the Trojan virus nomenclature. A more modern example would be the popup that says your computer is infected. Most people don’t know whether their computer is infected or not so when someone tells them it is, they tend to believe them, especially when the message is accompanied by unusual behavior on the computer.
5.Use two-factor authentication when possible. Although somewhat inconvenient, this security option does make it more difficult for your accounts to be compromised.
What to do if you HAVE been a victim.
Change your passwords as soon as possible, preferably from another computer. This is because the device you were using may have been infected by a key logger (which tracks what you type) or other malware that can leave you vulnerable. If you gave away any banking or credit card information, call those institutions immediately and explain what happened, they will be happy to help you change your accounts and login credentials to prevent fraud.
Contact Yellowstone Computing to have your computer checked for possible infections and if you haven’t been using a good anti-malware product, get one. We now offer service plans to protect and enhance the performance and security of your computer year-round! Both plans include Emsisoft Anti-Malware, Windows Updates, third-party software updates, system cleaning and maintenance as well as technical support! Pricing starts at just $15.95 per month after an initial setup fee of $49.95 which includes a full Tune-up! Call us today for full details! Mention this article and save 25% on your first month of service!