White Paper

How To Recognize And Deal With Phishing Scams

6 Security Laws IT Solutions Providers Should Know

For several decades, email has been the primary form of professional and casual communication on the internet. In April 2019, it was estimated that 293.6 billion emails are sent around the globe each day. Because it is such a widely used form of communication, there are those who seek to take advantage of its scope and exploit it. Statista reports that over 55% of emails sent are considered spam. Although spam inboxes assist in weeding these imposter messages out, there are still many that slip through filters and end up where trustworthy emails are sent. These emails, disguised as legitimate, are actually phishing scams that aim to attack users like you.

WHAT IS PHISHING

Phishing is the act of attempting to manipulate the recipient of a malicious email into opening and engaging with it. A sender of a malicious email intends to deceive a victim by making the email seem important and from a reputable source. These phishing emails may include harmful attachments, like PDF or Word documents, which once opened can cause harm to the user’s computer by installing forms of malware, ransomware, or other unsavory software. Phishing emails can also contain malicious links in the body that can lead a user to a fraudulent site. These sites are used to collect confidential information such as usernames and passwords, or to install malware onto a device. Once the victim’s information has been obtained, scammers will monetize the data by selling it to the highest bidder on Dark Web sites.

Deceptive Phishing is any attack by which fraudsters impersonate a legitimate company and attempt to steal people’s personal information or login credentials.

Spear Phishing is when fraudsters customize their attack emails with a target’s name, position, company, work phone number or other information in an attempt to trick the recipient into taking some action being requested by a known connection.

CEO Fraud is targeting an executive in an organization. Fraudsters attempt to isolate an executive and steal their login credentials. With these credentials they are able to perform a CEO scam. CEO scams occur when an email, seemingly addressed from a CEO or other member of senior management, is falsely created by a scammer in order to exploit the trust of employees. The imposter email seeks for the target to wire funds or share confidential information with the scammer.