Technology Blog

Technology Blog

facebook google plus google plus twitter

Small Pond, Big Phish (Protection)

Jackson Ferreira, Aug 08, 2022

Did you know that ransomware is estimated to be a billion-euro-per-year crime? Today, we’re exploring the cyber-attack known as phishing. No, not the sport of catching our majestic aquatic cousins of the land, I’m talking about the other kind. The sort of phishing that has become the easiest and cleanest way for cybercriminals to steal personal data like passwords and banking information. You’ve likely experienced this type of cyber-attack if you’ve ever received a suspicious email from someone impersonating a legitimate company like DHL, Microsoft or Dropbox, urging you to click a link in the email.

Hopefully you’ve never pushed that button and opened a can of Cyber-worms but for many recipients of this effective form of attack, it can be very hard to tell what is or isn’t genuine. And if you were to click that link, well, you could effectively be handing over your personal data to the criminals. With access to your private information, they can choose several ways to disrupt your day. From stealing passwords, to accessing your eBay and Amazon accounts or emptying your bank accounts and locking you out of your own accounts. They can even impersonate you to try to trap the next would-be victim. It’s scary stuff for sure! And it happens all the time. Luckily, there are companies out there that make it their business to offer solutions to thwart the criminals and protect consumers and businesses alike. At Sorrin IT, we offer PhishProtect. As well as protecting the user from the common gardener varieties of spam, it employs state-of-the-art techniques that go the extra mile in weeding out the cleverly crafted phishing emails. So let’s look at some common types of phishing attacks and how PhishProtect from Sorrin IT tackles them.

 

Spoofed & ‘Look-a-like’ Domains

Spoofing is when the domain part of the sender’s email address (the part after the @ symbol), looks like a legitimate company or someone you know when, in fact, the email is sent from a completely different random domain. This is especially tricky to spot on a phone as often only the sender’s name is shown rather than the underlying email address of the sender. PhishProtect won’t be fooled by this though so the spoofed email will never make it into your inbox. Domain look-a-likes is when an email sender appears to be from a legitimate company but, on closer inspection, the domain contains a slight variation in spelling that’s hard to spot at first glance.

 

Spear Phishing

Cool name but a devastating form of cyber-attack. Using similar techniques to those above, this type of email infiltration impersonates a sender known to the recipient. These could be fellow employees including their office extension numbers and email signatures that can all appear 100% legitimate. For example, the criminal could impersonate a company CEO and send a request to the Financial Controller for a bank transfer. The emails are crafted to sound genuine so there’s little reason to question the request – especially when everyone is busy and not paying full attention. Within a few minutes the cyber-criminal could be sitting on a small fortune.

 

Malware

This method is used to infiltrate companies where it can shut down entire networks with viruses, locking users out whilst having a free-for-all with their passwords and data. Typically, it’s used to access accounting information but virtually anything is on the table if they get in. It often starts with a single phishing email containing a link to a booby-trapped file or website. This is where the criminals really get clever. When this email initially hits your inbox – often in the middle of the night – the website it links to appears clean to your mail server and bypasses its default spam and virus filters. As far as they’re concerned, it’s a safe site with no suspicious content. However, a few hours later, having bypassed these initial defences, the hackers can switch out the clean content on the website for their malicious code – the trap is now set and is just waiting for the email recipient to login the next morning and click on the booby-trapped link.

 

How PhishProtect Defends you

PhishProtect is dedicated to stopping threats like these. As good as most spam filters are, they just can’t keep up with how quickly cyber-criminals evolve their approaches. In additional to multiple-engine spam filtering, domain name spoof protection and malicious attachment blocking, here are a some additional ways PhishProtect combat attacks:

 

Real Time Link Checking

When an email that contains links to external files or websites arrives at your mail server, PhishProtect automatically replaces the links with unique versions that point to the PhishProtect security servers before delivering to your mailbox. Now, when you click on the link, the PhishProtect server checks where the link is leading and makes sure its safe first before then allowing you to continue to the site. On the other hand, if the link is leading to a suspicious or known malware site, it notifies you of this and blocks access, thereby preventing any infection.

 

Smart Quarantine

If PhishProtect can’t determine an email’s legitimacy on first inspection it will put it in quarantine. It will then send a request to the sender asking for them to reply with a Captcha code. Genuine sources will follow the steps and reply thereby confirming the email was not sent by an automated bot (most spam is). PhishProtect then knows it’s from an authentic sender and will deliver the
email as normal. This goes a long way in rooting out the vast majority of malware without the user having to intervene at any stage.

 

Managed Service from Sorrin IT

Sorrin IT will take care of all the setup and manage this industry-leading service for you. It is all done at domain and mail server level so there are no changes needed on individual PCs or laptops. Business owners can be confident that their security interests are being met and the seamless operation of the solution means it’s hassle free too.

 

Final Thoughts

It’s currently reported that there are over 3 billion phishing attacks per day, 96% of which arrive through email. It’s a seemingly simple method but it’s working and cyber criminals are thriving where businesses are not putting the right data security protections in place. Sorrin IT’s ecosystem of products all work together in bolstering digital defences and PhishProtect is one such product. Seamless, user-friendly, and at the same price as a cup of coffee, PhishProtect from Sorrin IT is your answer to phishing attacks. Skip the coffee and get in touch with us today to find out more.

Contact


Or Call us on 045 940 050
Or email us at hello@sorrin.ie

Copyright © 2022 Sorrin IT. Web Design Dublin by Juvo.