In a recent post, security firm KnowBe4 described a targeted phishing attack that is tough to detect and stop. So, it is best to be aware of how the scam works to avoid the trap. As always, with phishing attacks, vigilance and proper training are key.
Here is a quick overview of how it happens. Make sure you educate your employees. It is extremely difficult to recognize. Remember, your company is one click away from a cyber attack.
- Scammers perform research on the target company and identify a trusted vendor.
- Once identified, hackers send an infected email to an employee of the trusted vendor, taking over his or her account. They’ll lock out the employee from their account by changing the password. This gives the hackers time to proceed.
- Criminals then spear-phish the targeted company, using the trusted vendor employee’s email. They often mirror past emails the vendor has sent so as not to raise suspicion. The email also contains an infected attachment.
- Since the target company employee knows the vendor, the infected attachment is opened, compromising that workstation and often the entire network.
As you can imagine, this type of attack has a very high rate of success since the email is coming from what appears to be a “trusted source”.
Combat this type of attack by following this rule:
if you receive an email with an attachment or link that you did not request that appears to be from a company or someone you know― call them to confirm before taking any action. NEVER ask for confirmation by return email since you’ll receive an affirmative reply from the hacker.
I can hear the moans and groans already! Yes, I know this is time consuming and highly annoying, but a scam of this type is almost impossible to detect otherwise.
Think about it. If a hacker took this much trouble to penetrate your network using indirect sources, they are after something that is very valuable to them, such as: Personally Identifiable Information (PII), credit card data, banking and financial information, etc. All companies, large and small, have this type of data which fetches a good price on the dark web.
Train your employees to look upon such emails, even if they appear to come from legitimate sources, with suspicion especially if the communication was unexpected.
It is a shame that we must conduct business in this way, but it is now a sad fact of life. Take proper precautions―don’t become a victim.
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 300+ Petabytes of data with over 800 employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause.