By John Garza
May 31, 2017
Phishing attempts come in all shapes and sizes but the most common threat comes through one of the most commonly used types of business and personal communication channels, email. The email scam attempts to cloak itself as a legitimate message from a friend or business contact doing all that it can to hide the heinous package that lies within. Even though the messages appear to be from a trusted source, they are designed to trick you into giving up personal information whether you are aware of it or not. That information could be a security key, credit card number or even your social security number. The bad actors then use that info to steal from you or worse, assume your identity.
These are targeted attacks against a specific person or role within a company. They are commonplace in email communication and on social media. The ruse starts by tricking the recipient into thinking they have a connection with the source or sender with the goal of luring them into clicking on a malicious link or email attachment.
A form of spear phishing, whaling specifically targets executive officers and other high-profile targets within an organization.
Noted as the most common form of phishing, this attack is carried about by fraudulent actors impersonating a trusted company with the attempt of stealing login credentials. Financial institutions and credit card companies are among the most mimicked and actors form a message that is designed to scare the user into thinking they have to act quickly or risk damage in some way. For instance, someone may get an email from their bank stating they suspect fraud on their account and they should click a link to confirm or deny a purchase. The participating victim trusting the source of the email clicks on the link and the damage is done.
A more specialized form of cyber attack, the online drive attack can happen on any cloud drive platform and has recently taken place against both Dropbox and Google Drive users. The offending actors disguise a login page to look legitimate while behind the scenes are copying login credentials. Once the actors are in, they have access to all the files within the account and will use the information to gain further access and exploit both company and personal information.
While there are many schools of thought on how to best guard yourself against a phishing attack, the best way to keep yourself safe is to practice good security hygiene and to undergo routine training within your business on security best practices. In addition, here are some additional things to consider:
If you have questions or would like to learn more about how Jungle Disk can help to strengthen your security approach, reach out to one of our experts by phone at 1(888) 601-0401 or by email at firstname.lastname@example.org.
Stay safe out there!