
The Human Firewall

Phishing is a common threat, and it is always evolving.

Hackers won’t stop and will try an abundance of ways to get access to our private & sensitive data. Email is a common means of access for cyber criminals: it is often the weakest point of entry to a computer network, and therefore the most used and abused.

Emails can of course be filtered but, unlike other network entry points, they can’t be blocked completely; otherwise you wouldn’t be able to receive anything from anyone!

Phishing is the term for hackers disguising their malicious emails as genuine via a few clever tricks. Their goal is to lure you into clicking embedded links to websites that may download malware or, worse, tracking software that will collect your key data, such as your bank account login details.

How do they do it?

Disguising emails as though they were sent from someone else’s mailbox is troublingly easy to do. Beyond that, to ensure a greater chance of success, they may well hack into a business’s mail server or an individual’s mailbox and send the emails directly as that user.

The email itself, in most cases, isn’t hazardous. It can simply be read & then deleted from your inbox without harm.

If you’ve clicked the link & downloaded the file, or opened the attachment, your PC is then exposed to the ‘hack’ & whatever dodgy software they intended to hit your machine with.

We have embedded an example situation below (with the victim sender’s details omitted), which we refer to throughout this article. This email looks very convincing: the correct sender’s full name, email address and even their full email signature & disclaimer are all present.

[Image: Phishing-Example-768x511.png, the example phishing email with the sender’s details omitted]

What do they look like in my inbox?

You’ll receive it just like any usual email; the tricky part is recognising whether it’s real or fake. It will sit among all your other genuine emails, and it will likely appear to come from the sender’s name and match their correct email address. So, at first glance, you’ll be none the wiser.

If the email is disguised as though it is from a government department, it may well contain badly written language, poor quality logos, or requests for information that would normally be sent via the post or submitted via their secure websites.

The email is most likely to contain an attachment or a link, which is the lure to draw you towards the means by which they can enter your PC & steal your data. Until you’re sure, don’t click on any links.

What should I look out for?

When you receive any email there are a few key things to check, even if you recognise & trust the sender.

  1. The sender’s name & email address. Is it legitimate? Has it come from their mailbox or does something about the name or email address not look right?
  2. Does the email contain an attachment?

If it is a PDF, there’s a good chance that you’re safe.

If it is a Word or Excel document, it may be programmed to contain a virus that can take over your machine as soon as you open it & activate any “macros” set to run. Always be wary of Word & Excel documents that you aren’t expecting. Invoices are often a preferred trick of the fraudsters – always ask your suppliers to send their invoices as PDFs; that way you can have a rule to avoid opening anything marked as an invoice that arrives as an Excel or Word document.

The downside is that you cannot tell from looking at the file whether it is genuine or malicious before you open it, and by then it’s generally too late.

  3. Does the email contain any links?

Links are a little easier to check. Hover over the link and you can see where it goes.

If it’s an email claiming to be from HMRC or your bank, and the link wants to take you to a completely different nonsense website, don’t click on it!

If the link appears to be the actual website, or where you would expect to land, like in the example below, then it may well be genuine, but that is no guarantee.

[Image: Phishing-Example3.png, hovering over the link in the example email shows a Microsoft OneDrive address]

With this example, the link takes you to a file hosted on Microsoft OneDrive. The email makes it look like this user genuinely wanted to send you this file, which is hosted in a trustworthy place. If the link pointed to an untrusted source it would look more suspicious, but on face value this appears to be authentic.

Clicking the link takes you to what appears to be a real Microsoft OneDrive file share, where you can see a preview of the document, a PDF.

[Image: Phishing-Example2-768x279.png, the OneDrive file share page with the PDF preview]

Upon further examination, hovering the mouse over the preview reveals that the Microsoft-branded box with the “Open” link is just an image, overlaid with a hyperlink to a shortened URL on tinyurl.com. This cleverly masks the final website address, most likely a malicious website.

[Image: Phishing-Example4.png, hovering over the “Open” button reveals a tinyurl.com link]

Had the “Open” button highlighted when hovered over, as a normal website button would, and had the document been viewable within the browser, it would have been genuine. However, clicking this link takes you through to a malware-riddled website, which would likely leave my email accounts open to being hacked & used to send out the very same email I received, claiming to be me.

In Summary

Be cautious of everything, even if you believe you know the person who sent you the email.

Follow our simple three-step checklist: sender’s name & email address, attachments and links. Checking these three key things before taking any action on the email will help you remain protected.
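As an added example (our own illustration here, not code from Iron Dome or from the original article), the three checks above can be automated over a raw email with the Python standard library. The sample message is constructed: it carries a masked “Open” link via tinyurl.com and an Excel invoice as in the article; the Reply-To domain check and the shortener list are assumptions beyond what the article states.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Constructed sample (not the article's real email): shortener link, mismatched Reply-To, Excel invoice.
SAMPLE_EMAIL = """\
From: "Jane Doe" <jane.doe@example.com>
Reply-To: jane.doe@mail-example.net
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/html

<a href="https://tinyurl.com/xxxx">Open</a>
<a href="https://onedrive.live.com/share">onedrive.live.com</a>
--B
Content-Type: application/vnd.ms-excel; name="Invoice.xlsm"
Content-Disposition: attachment; filename="Invoice.xlsm"

AAAA
--B--
"""
MACRO_EXTENSIONS = (".doc", ".docm", ".xls", ".xlsm", ".xlsb")  # Office types that can carry macros
URL_SHORTENERS = {"tinyurl.com"}  # shorteners that hide the real destination; extend as needed
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
def check_sender(msg):  # Check 1: a Reply-To on another domain sends your replies elsewhere
    sender, reply = msg["From"], msg["Reply-To"]
    if sender and reply and sender.addresses[0].domain.lower() != reply.addresses[0].domain.lower():
        return [f"Reply-To domain {reply.addresses[0].domain} differs from From domain {sender.addresses[0].domain}"]
    return []
def check_attachments(msg):  # Check 2: Word/Excel files can run macros; the article asks for PDFs
    return [f"Office attachment {p.get_filename()} may contain macros"
            for p in msg.iter_attachments()
            if (p.get_filename() or "").lower().endswith(MACRO_EXTENSIONS)]
def check_links(msg):  # Check 3: "hover over the link": where does each href really go?
    body = msg.get_body(preferencelist=("html",))
    findings = []
    for href, text in LINK_RE.findall(body.get_content() if body else ""):
        host = (urlparse(href).hostname or "").lower()
        text = re.sub(r"<[^>]+>", "", text).strip()  # an <img> used as the button leaves no text
        if host in URL_SHORTENERS:
            findings.append(f'"{text}" link goes via shortener {host}, masking the destination')
        elif "." in text and text.lower() not in href.lower():
            findings.append(f'link text "{text}" does not match destination {host}')
    return findings
def triage(raw_email):  # an empty result means nothing obviously wrong, not proof of safety
    msg = message_from_string(raw_email, policy=policy.default)
    return check_sender(msg) + check_attachments(msg) + check_links(msg)
```

Running `triage(SAMPLE_EMAIL)` returns one finding per check; a clean result only means the three quick checks passed, so the article’s advice to stay cautious still applies.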


Who are Iron Dome?

One of our core values is to help educate and empower businesses with the knowledge around cyber security and keeping their IT systems safe. A conversation may not lead to us working together, but if you are able to learn anything from a chat with our team then we have accomplished what we set out to do. Educate!