What is Phishing? | Cybersecurity Awareness Month
There’s no silver bullet when it comes to security. The digital world has become such an essential part of our lives, whether it’s staying connected with friends and family, shopping, running a successful organization, etc., there are vast amounts of data moving around the internet every day. All digital footprints leave our information vulnerable to cybercrimes. In honor of October being Cybersecurity Awareness Month and LiveAction’s more recent acquisition of CounterFlow AI, a leading network detection and response (NDR) provider, we thought it would be essential to bring to light some of the importance of cybersecurity.
Phight the Phish
Phishing is a cybercrime that uses email or malicious websites to infect your machine with malware and viruses. All of this, lures individuals to hand over sensitive data such as personal and business information, banking details, passwords, and more. This information taken can result in severe financial loss for an organization or the victim personally.
According to Google’s Transparency Report, encrypted traffic has increased from roughly 50% in 2014 to between 80% and 90% today. Regarding financial loss to an organization, the CISA reports that the average cost of a data breach for a US company in 2020 was $8.84 million. That’s an increase of $200K from the 2019 figure. Due to the pandemic, scams revolving around COVID-19 have been the most popular, especially regarding stimulus payments, testing, and personal medical information.
How phishing works is that the cybercriminals send links or request you to open an attachment that infects your computer, creating vulnerabilities. Emails, in particular, may appear to come from legitimate institutions and organizations and will likely request private information most don’t even realize they’re providing. As technology keeps evolving, cybercriminals are using more sophisticated techniques to steal your data.
Tips & Tricks to Securing Your Data
According to the Cybersecurity & Infrastructure Security Agency (CISA), popular messages cybercriminals might send are:
- “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below, and confirm your identity.”
- “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
- “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
To ensure you’re not falling into the cyber trap, we suggest:
- Doubling your login protection by adding multi-factor authentication (MFA)
- Shake up password protocols and consider being as creative as possible. Customize passwords for different sites to prevent a password that holds so much access in the hands of the wrong people.
- Your software is updated with the latest versions and maintains all security settings.
- Verify the authenticity of hyperlinks and be sure that you only open URLs that begin with “https.” The “s” indicates encryption is enabled to protect users’ information.
- Consider adding an email banner like [EXTERNAL SENDER] to emails received from outside of your organization. That way, your team is alert to clicking malicious links in the body or attachments of the email.
As you can see in this example email, an organization received a malicious link from an external sender. The Google Chrome attachment forwarded the user to a login portal, a replica of Microsoft Outlook.
Because this organization’s sales team was cautious, they realized the issue promptly. Someone less prepared could have gone down the rabbit hole of providing sensitive information – thus resulting in a data breach.
It’s important to use extreme caution when reviewing any email received from outside of your organization. Avoid clicking on these suspicious links and opening attachments, especially those requiring Microsoft macros to be enabled. Macro-enabled attachments can still bypass security tools, allowing threat actors to give them full access to the victim’s environment.
Here’s Where LiveAction and CounterFlow Can Help
CounterFlow AI’s unique security portfolio helps LiveAction partners and customers gain end-to-end network visibility into encrypted traffic. Its Streaming Machine Learning Engine processes packet data in real-time and at enterprise network speeds. At the same time, its advanced traffic analysis capabilities extract unique metadata to examine potentially malicious packet behaviors, automate alert triage processes, and more.
Their platform, ThreatEye’s analysis of network traffic characteristics, can uncover activity relating to a user browsing a phishing website or clicking on a malicious link in an email that prompts a network-based malware call-back, which is the common infection vector associated. ThreatEye can characterize network traffic behavior and correlate findings with threat intelligence to determine risk and potentially prevent damage from a successful attack.
If you’re interested in learning more about CounterFlow AI’s ThreatEye Platform, email their team of experts to schedule a demo today!