Don’t Fall for the Bait: Everything You Need to Know about Phishing

Cyber threats come in all shapes and sizes. The same goes for phishing attacks. Phishing attacks are techniques used by cybercriminals to con users/employees into revealing sensitive information or installing malware by way of electronic communication. Attackers send phony emails that appear to come from valid sources in an attempt to trick users into revealing confidential information.

Other types of Phishing:

Vishing: “Voice phishing” attackers use the telephone to solicit unsuspecting victims for personal details.

Smishing: SMS messaging attacks where attackers send phony text messages to con victims into divulging private information or infecting the victim’s phone with malware.

Social Media Phishing: Cybercriminals use social media as a channel to carry out phishing attacks armed at sealing personal information or spreading malware; some attacks are even used to hijack accounts to launch follow-up attacks on a victim’s connections or followers.

Attack methods:

Mass-scale Phishing: A type of attack that isn’t highly targeted and casts a wide net to get as much information as possible.

Spear Phishing: A targeted attack that is tailored to a specific victim, or group of victims.

Whaling: A type of spear phishing attack that attacks a high-profile victim within an organization, such as a CEO or CTO.

“Cyber-attacks are as common as ever and becoming more elaborate as technology advances,” says UDT Sr. Cybersecurity Manager Adonis Sardinas. “You’re always getting phished. The question is how aware are you to successfully spot the scams?”

Sardinas recommends the following tips and tricks:

  • Be vigilant about emails that seem impersonal or use scare tactics
  • Never download files you’re not familiar with
  • Always check a URL before you click on the link—sometimes bad links are embedded into an email as a way to trick the reader
  • Companies rarely send out messages without proofreading content, so multiple spelling and grammar mistakes can signal a scam message
  • Most companies will have a brand identity that is recognizable in their emails. Look for logos, blurs, brand colors and contact information in the message

UDTSecure can be the solution to keeping you safe from online attackers.

UDTSecure provides organizations an advanced suite of managed security and threat intelligence services and solutions to quickly detect and respond to incoming threats focused on stealing critical data or disrupting operations. Our managed security services are designed to become an extension of your operations and significantly improve your security posture.

To find out how UDT security experts can keep your data secure, Contact us