Do not feed the phish!Submitted by Prosperity Advisory Group on March 20th, 2019
by Scott Sirois
Microsoft just released their Security Intelligence Report, its annual cybersecurity summary, and it states that phishing is still the most popular way for cyber-criminals to attack.
Phishing is the deceitful attempt to acquire sensitive information (usernames, passwords, credit card details, etc.) by disguising as a trustworthy entity in an electronic communication, primarily email.
“Phishing continues to be a major attack path for one simple reason: access is everything—and phishing attacks give attackers access. Login credentials, account numbers, social security numbers, email addresses, phone numbers and credit card numbers are all pure gold to scammers—they’ll steal any information that will give them access to accounts.” (F5 Labs)
The quality of phishing emails is improving and fooling more and more unsuspecting victims.
ZDNet just published an interesting article revealing some common themes in phony emails sent to businesses.
“The most common subject lines used in phishing emails targeting businesses show how cyber criminals are exploiting urgency, personalization and pressure in order to trick victims into clicking on malicious links, downloading malware or otherwise surrendering confidential or sensitive corporate information.
After analyzing 360,000 phishing emails over a three-month period, researchers at cybersecurity company Barracuda Networks have detailed the most common lines used in phishing attacks – these subject lines are the most common because it's highly likely they're often the most successful bait for reeling in victims.”
The top 12 phony subject lines are:
- Follow up
- Are you available?/Are you at your desk?
- Payment Status
- Invoice Due
- Direct Deposit
Don’t be phished. Remember E.M.A.I.L. when reading emails: Examine Message And Inspect Links. An extra minute or two up front can spare hours and days of anguish after the fact.
Stay tuned for more as we help you be “Fit to Click.”