Phishing Remains a Stubborn Security Problem: How to Lick it for Good

Guy fishing on lake

Savvy IT pros rarely fall for phishing scams. But even the most experienced are sometimes tempted by the sophistication of these exploits. While you might not be pretty for these tricks your end users might, and that leaves your network exposed.

Like other exploits, phishing attacks are getting more dangerous all the time. The key, or course, is to build an e-mail message that appears to be from a trusted source such as a bank. Once a victim is convinced of its authenticity and clicks the link, they are sent to a clone of the real website, and asked for personal information, credit card numbers and other bits of data one should never give up.

Even more troubling for IT, phishing attacks often seek user names and passwords. Once the bad guys have these, your network could be in big trouble.

Phishing is prevalent because it works, is generally driven by financial gain, and uses both email and social media. Here is what the Verizon 2017 Data Breach Investigation Report had to say. “There were a little over 1,600 incidents and more than 800 breaches featuring social actions in this year’s corpus (all external actor driven). Phishing was again the top variety, found in over 90% of both incidents and breaches. Once successfully phished, a number of things can happen: software installation, influencing disclosure of sensitive data, repurposing of assets and so on. In last year’s report, we discussed how the majority of remote breaches began with the same chain of events; phishing to gain a foothold via malware, then leveraging stolen credentials to pivot off of the foothold. It also holds true this year—95% of phishing attacks that led to a breach were followed by some form of software installation,” the report explained.

So what can you do about phishing?

Can your spam

The hook for a phishing scam is a well-crafted email, which by definition is spam. That means getting a lid on the spam in your shop with a filter. Since spam may still get through, also make sure your antimalware solution can detect and take care of these messages.

Make sure end users can spot the fake stuff

Phishing works through trickery, so train your end users not to fall for it. Here are a few items to cover in a training session or handbook:

  • How to spot a bogus e-mail.
  • That they should only click links they know with 100% certainty are authentic.
  • If they question the authenticity, but aren’t truly sure, they should go directly to the website, say of their bank, and see if there really is an issue.
  • Uses should never give their credentials to a site they got to through e-mail.

Here what a phishing scam looks like

While it can be hard to tell a legit message from a fake, there are usually telltale signs. Here is an example from the Microsoft Security Center.

Phising Example

In some less sophisticated phishing messages there are misspelled words and bad grammar. And the address of the sender tries to look legit, but if you look closely is clearly not from the place it should be from.

The links within the mail are also sketchy, but hopefully the end user has spotted the scam before they try to check out the link address.

Microsoft Used as a Foil

Hackers try to use trusted companies as a phishing lure. I got a message purportedly from the Microsoft Outlook team. The message was well designed, and looked real at first blush. See if you can spot the signs of a fraud.

Dear User,

As part of our effort to improve your experience across our consumer services, we’re updating the Microsoft Services Agreement and the Microsoft Privacy Statement. We want to take this opportunity to notify you about these updates for your safety.

If you do not update your Microsoft account within 24 hours your account will be deactivated and deleted from our server and you will no longer have access to many of the features for improved Conversations, contacts and attachments.

Take a minute to update your account for a faster, safer and full-featured Microsoft Outlook experience and to avoid your account being De-Activated.

Thank you for using Microsoft services.

Microsoft Admin:

Microsoft respects your privacy. To learn more, please read our Privacy Statement.

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Making things trickier, the link to Microsoft’s Privacy Statement was authentic.

Two Final bits of Advice

Here are two things your end users should take to heart:

They must never even open e-mail from organizations they’ve haven’t done business with or given their address to.

If a user clicks a malicious link and sees anything suspicious, have them shut down their machine and contact IT to stop any further spread.

Stay Protected

Phishing is malware, so antimalware is a needed defense. Fortunately, Kaseya VSA offers multiple types of protection such as patch management, anti-virus and antimalware. Find out more about this end point management solution here.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.

Patch Management Policy Features, Benefits and Best Practices

In 2020, Ryuk Ransomware operators shut down Universal Health Services by exploiting the zerologon vulnerability to gain control of domainRead More

Endpoint Security Basics: What It Does, How It Works, Controls, Technologies and More

Each new endpoint added to a corporate network expands its security perimeter, and since endpoints serve as gateways to aRead More


Endpoint Protection: Why It’s Important, How It Works & What To Consider

Endpoint protection, also known as endpoint security, involves the use of advanced security tools and processes to secure various endpointsRead More

IT Risk Assessment: Is Your Plan Up to Scratch?

A risk assessment is a process by which businesses identify risks and threats that may disrupt their continuity and haltRead More

Download the 2022 IT Operations Survey Report - Click Here
2022 Benchmark Survery Results