Phishing - What is it?

IT security is a never-ending process. But as the software, the updates and the anti-virus tools get better than ever, the emphasis is increasingly on you as the end-user. Is your password good enough? Should you enable more security? Is it ok to open that attachment? We plan a series of blogs to help you make head or tail of all of this.

Our first blog begins with “phishing”. This is where a malicious person sends a fake email to you, often pretending to be someone else, to trick you into clicking on a link or logging in with your details.

In reality, the person sending this will not be who you think it is, and the link to click will definitely not be a legitimate link.

The way this can work is that the sender can easily change their ‘Display name’, and quite a good way to trick someone is to use something generic but official-sounding, like Accounts, or Finance, or Reception etc. This reduces the chances of you checking it out with a real person.

The next trick tends to involve some sort of pressure, or something that is time-sensitive.

This might be “transfer some money we need in the next 20 minutes!”, or “your account has authorised a transfer of money unless you say otherwise in the next 10 minutes” – basically something designed to stop you from checking it out.

In this example, which is very close to what one of our customers actually received recently, the email header appears unthreatening and plausible:

From: Accounts <ekta.ahuja@pinelabs.com>

Sent: 07 February 2020 14:15

To: Chris Smith <chris.smith@compconsult.co.uk>

Subject: Mail Server Error Failure

And in some email programs, the sender would just appear as ‘Accounts’.
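The display-name trick described above can be checked mechanically. This is an added example, not code from the original post: it separates the display name from the real address in the sample header and flags a generic name used by a sender outside the recipient's domain. The list of generic names and the "outside domain" rule are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Generic, official-sounding display names mentioned in the article (assumed list).
GENERIC_NAMES = {"accounts", "finance", "reception"}

# Header fields as shown in the article's example.
SAMPLE = (
    "From: Accounts <ekta.ahuja@pinelabs.com>\n"
    "To: Chris Smith <chris.smith@compconsult.co.uk>\n"
    "Subject: Mail Server Error Failure\n"
    "\n"
)


def domain_of(address):
    """Return the lower-cased domain part of an address ('' if there is none)."""
    return address.rpartition("@")[2].lower() if "@" in address else ""


def check_sender(raw_message):
    """Return a list of warnings about the From header of raw_message."""
    msg = message_from_string(raw_message)
    # parseaddr splits 'Accounts <a@b.com>' into ('Accounts', 'a@b.com').
    name, addr = parseaddr(msg.get("From", ""))
    _, rcpt = parseaddr(msg.get("To", ""))
    sender_dom, rcpt_dom = domain_of(addr), domain_of(rcpt)
    warnings = []
    if name.strip().lower() in GENERIC_NAMES:
        warnings.append(
            f"generic display name '{name}' hides the real address {addr}"
        )
        # Assumed rule: a role name like 'Accounts' should be a colleague,
        # so a sender domain different from the recipient's is suspicious.
        if sender_dom != rcpt_dom:
            warnings.append(
                f"'{name}' is sending from {sender_dom}, not {rcpt_dom}"
            )
    return warnings


if __name__ == "__main__":
    for warning in check_sender(SAMPLE):
        print("WARNING:", warning)
```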

A subject with a ‘failure’ of some sort is also clever as it’s designed to immediately trigger some action on your part.

Hovering your mouse over the link will often reveal the ‘true’ website, which is likely to be quite different from the one it seems to be.

In cases like this, security software will not help because there is no virus or malware.

If you are in doubt, please forward a suspicious email to us and we can examine it.

Please don’t click here to confirm you understand the above
