Security Magazine Discusses Email-Based Threats Including Phishing, Malware and Suspicious Links
Hikvision Offers Tips to Avoid Malware from Phishing
In the Security magazine article, “The Biggest Email Security Challenge Facing Organizations Today,” the author discusses email-based threats including phishing, malware and suspicious links.
From the article: “… email’s ubiquity and popularity comes at a price: vulnerability. With the growing prevalence and success of targeted social engineering attacks, email continues to be a shockingly easy entry point for cybercriminals. In fact, the FBI’s 2017 Internet Crime Report indicates that business email compromise and phishing drives 48 percent of all internet crime-driven financial loss – more than all other business-related Internet crime combined. Depending on their form, these targeted attacks are called by a number of names – spear phishing, business email compromise, impersonation, credential theft, etc. – and have a disproportionately large impact on an organization as they gain access to confidential information …”
Email security professionals are reporting payload attacks such as malware and suspicious links or attachments are permeating their cybersecurity defense mechanisms. Phishing is one of the most pervasive attacks, according to the article. And, impersonations are the primary weapon used by phishing professionals in their attempts to hack into systems.
Hikvision’s director of cybersecurity, Chuck Davis, recently wrote a two-part blog on phishing. In it, he outlines common malware attacks using email phishing.
Steps to Reduce Phishing Attacks
“Phishing attacks have long been an effective way for attackers to trick people into divulging sensitive information or infecting a system with malware. Malware can give an attacker remote access to protected systems and networks, encrypt a user’s data and charge a ransom to decrypt the data, or use that system as part of an attack against other systems,” said Davis, in part one of the blog series.
Davis provided a detailed overview of examples of phishing, including masking a URL, a hacking tool used to increase the likelihood that a user will click an email link because it appears to be from a trusted source. He recommends carefully inspecting email headers by checking the “From” and “To” fields for anything irregular or suspicious. Also, hover over any link in an email to read the entire URL before clicking. If the URL is spoofed, then you will be able to tell with closer inspection if it is not taking you to the stated website.
Top Seven Tips to Avoid Becoming a Phishing Victim
The U.S. Computer Emergency Readiness Team (US-CERT) has provided a list of the top seven tips to minimize risk of becoming a phishing victim. They include:
- Filter spam.
- Be wary of unsolicited email.
- Treat email attachments with caution.
- Don’t click links in email messages.
- Install antivirus software and keep it up to date.
- Install a personal firewall and keep it up to date.
- Configure your email client for security.
- Phishing has become an effective way for hackers to get individuals to unintentionally infect a system with malware, taking precautions and following the steps above can minimize security concerns.
To read Hikvision’s phishing article, click here for part one and here for part two. For more cybersecurity tips and insights from Hikvision, visit this link.