PHISHING

What is Phishing?

Phishing is a fraudulent act in which an attacker impersonates a reputable source over a communication channel (most commonly e-mail) with the sole purpose of acquiring the intended victim's credentials, which are then used to access sensitive databases or other stores of private information. The attacker will usually attach a malicious file or link to the message, and once the intended victim falls for the ploy, the attacker can use the acquired information to blackmail or extort the victim for confidential business information.

Phishing is the most popular method of attack because it is much easier to trick an employee into clicking a link or downloading a malicious file than it is to break into a business's network and other systems directly.

How is Phishing used?

A common first step in a targeted phishing attack is to gather as much personal information on the victim as possible, which usually includes searching their social media accounts for details that make the email believable. There are also plenty of tools that automatically scrape the internet for the email addresses of an organization's employees.

Furthermore, current events such as political campaigns or natural disasters can be used to make the email more interesting and enticing to the victim. The attacker can then attach a variety of malicious content to the link, including obfuscation of the URL to make it look legitimate, or a link to a page that logs the victim's keystrokes and records the information and credentials they enter.
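As an added example that is not part of the original page, the following defender-side check flags hyperlinks in an email that use the URL-obfuscation tricks described above (a fake host placed before "@", a raw IP address, punycode labels, plaintext http, and link text that shows a different domain than the real target). The hostnames and links are constructed for illustration, and the two-label "registrable domain" helper is a simplifying assumption, not a public-suffix lookup.

```python
# Added example: heuristic checks for obfuscated phishing links.
# Sample links below are constructed for illustration only.
import ipaddress
from urllib.parse import urlsplit


def hostname_of(url: str) -> str:
    """Return the lowercase host a browser would actually connect to."""
    return (urlsplit(url).hostname or "").lower()


def is_ip_literal(host: str) -> bool:
    """True when the host is a bare IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registrable_domain(host: str) -> str:
    """Crude last-two-labels approximation (assumption: no public suffix list)."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def suspicious_link_reasons(href: str, display_text: str = "") -> list[str]:
    """Return a list of reasons a link looks obfuscated; empty means no finding."""
    reasons = []
    parts = urlsplit(href)
    host = hostname_of(href)
    if parts.username is not None:
        # "https://bank.example.com@203.0.113.7/" really goes to 203.0.113.7
        reasons.append("userinfo before '@' hides the real host")
    if is_ip_literal(host):
        reasons.append("raw IP address instead of a domain name")
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("punycode label (possible homograph lookalike)")
    if parts.scheme == "http":
        reasons.append("plaintext http link")
    # If the visible link text is itself a URL, compare the domain it shows
    # with the domain the href actually points at.
    shown = hostname_of(display_text) if "://" in display_text else ""
    if shown and registrable_domain(shown) != registrable_domain(host):
        reasons.append(f"link text shows {shown} but target is {host}")
    return reasons


if __name__ == "__main__":
    for link in ["https://login.example.com@203.0.113.7/verify",
                 "https://www.example.com/login"]:
        print(link, "->", suspicious_link_reasons(link) or "ok")
```

Run on the extracted links of an inbound message, a non-empty result is a cheap signal for quarantining or rewriting the link before it reaches the user.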

Session Hijacking

This occurs when the phisher exploits the web session control mechanism to steal user information. A web session is simply the online connection between the user and the server once both ends have agreed to it. The attacker can gain illegitimate access by placing a sniffer between the user and the server, where it intercepts and listens to the network packets in the stream and gathers sensitive data.

Content Injection

This is when the attacker takes advantage of a vulnerability in a website and inserts content (e.g. malicious code) to change the website so that it causes harm or collects valuable data. For example, the attacker may insert code into a login form that is designed to access the website's database and collect data (SQL injection).

Spreading of Malware

Oftentimes, attackers will attach a piece of malware to the email they are phishing with, which can take almost any form, including links, files and even pictures. Trojans, a type of malware, can look like an authentic file or program but secretly collect credentials and other valuable data on the local machine, which is then sent to the attacker. The victim, for example, may see the attachment as a Word document, but when they download it the trojan is installed on their computer.

Ransomware

This has become a popular way for hackers to attack an organization to cause harm and/or for financial gain. It can be spread to the victim's computer via a malicious link or attachment and will deny access to the device until a ransom is (supposedly) paid.

Identity Theft

The confidential data that can be gained from a successful phishing campaign can allow an attacker to steal the identity of their victim.

How can Phishing hurt a business?

Once a phishing attempt is successful and an attacker gains login credentials to breach a network, they are free either to sit in the network and gather data (e.g. network traffic) or to cause as much damage as possible by using vital data for financial gain or deleting it altogether. In the event of a breach, it is important that the damage is mitigated as much as possible and that a proper incident response plan is in place, so that the business does not suffer further damage to its network or legal consequences.

Phishing Statistics

Approximately 1 in 131 emails in 2016 contained malware.

  • 76% of organizations reported being victims of phishing attacks in 2017.
  • The 3 most common impacts of phishing are malware infection, compromised accounts, and loss of data.
  • The approximate loss of employee productivity due to phishing is 63%.
  • A 2017 survey found that 61% of millennials and 23% of users aged 55 and older knew what phishing is.

How can Cyber Insurance protect against phishing?

Even if you have security controls such as employee cybersecurity awareness training, e-mail filtering and endpoint controls in place, it is still highly important that your business is protected with proper insurance for the very likely event that a phishing attack against you and your company succeeds.

Get coverage

Running a business is challenging enough without having to worry about cyber liabilities and lawsuits. You are one click away from getting the vital coverage your business needs.