14 Nov How to Identify Email Phishing Schemes & Protect Your Business
Email Security Training can Save Your Business
Many of us have seen or received an email from a Nigerian prince pleading for an immediate transfer of urgent funds, promising to repay us for our help. This phishing scam and scams like it are so ubiquitous, they are obvious.
Unlike these random, often unbelieveable email phishing schemes, business spear phishing schemes are highly targeted and dangerously believable.
According to Norton:
“Spear phishing is an email that appears to be from an individual or business that you know. But it isn’t. It’s from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC.”
Spear Phishing is Becoming More Prevalent, More Advanced & More Dangerous
A 2015 study by the National Cybersecurity Institute proves that spear phishing is a serious and dangerous reality for small businesses.
- 38% spear phishing targets companies with 250 or less employees
- Malicious emails appear to come from someone in the company you know (often an executive)
- Between 23% and 30% of spear phishing emails are opened. 11% of attachments are opened (and these attachments contain harmful malware).
Bottom line: spear phishing still happens and it could affect your business.
How to Identify Spear Phishing Emails
Spear phishing schemes in business are often sent from specific individuals (like CEOs and upper management) and ask for sensitive information or large sums of money.
Here are some red flags that will help you identify malicious emails:
- The domain name of the email address is slightly misspelled (by one letter or so)
- The name in the “From” field is different from the name in the email
- The attachment is a zip file, but you do not know the sender
- Something just doesn’t seem right (huge money transfer requests,it is not logical for a specific person to be making such a request). Trust your gut.
Mini Case Study
The General Manager of a manufacturing company received an email from the (supposed) Owner of the company with the subject line: Invoice Payment.
For the General Manager, this was a common type of email to get.
The email said:
For Fred, this email seemed normal. But there were a few red flags:
- $17,250.00 was a huge invoice. Much larger than normal.
- He didn’t know a Mr. Dennis Fitzgerald
But this email was from his “boss”, so he replied asking for more information.
The second reply had even more red flags.
What were the red flags?
- “Oh…I was thinking you already received it.” – Is a strange statement. It represents lack of ownership and ambiguity not uncharacteristic of the owner of the company.
- The account information in the email. It is obviously safer and more common to deliver this information in a more secure way.
- The urgency (this email and the previous email ask for it to be done right away)
At this point, Fred rightly knew this was a phishing scheme and emailed our support team.
The malicious actor impersonating the owner is using a domain that is one letter off from the client’s actual domain. Only a person with eagle eyes or good security training would notice the problem.
What To Do If You Suspect a Spear Phishing Email
If the email subject line is obviously suspicious, don’t open it and delete the email so you don’t accidentally email it in the future.
But if you weren’t able to spot it before you opened it:
- Don’t click on any links
- Don’t open any attachments
- Contact your Managed Services Provider and let them know
Then, your MSP will take the necessary steps to protect your business by making back ups, upping your spam blocker, and making your systems are secure.
How to Prevent Becoming a Victim of Spear Phishing
Cyber attacks are a serious threat to businesses. 60% of SMBs close within 6 months of a cyber attack. You can help protect your company by training your employees to know the signs and protocol.
- Train employees to know the signs of spear phishing emails
- Establish company-wide protocols for money transfers, password updates, and exchanges of sensitive information
- Work with a trusted managed services provider that will help you identify and protect against schemes