Phishing - The source of all attacks


At a time when technological progress is making it increasingly difficult for hackers to break through the security of information systems, the old and well-known statement that "the human is the weakest link in the security chain" still holds true.

The word "phishing" sounds like "fishing" for a reason: it describes an action meant to "catch" the victim. And just as in fishing, lures are used for this purpose. Such a lure is usually a carefully prepared fake email. Its purpose is to get the victim to click on a link in the message, download a document or open a file attached to the email. Attackers are able to create a fake message that looks authentic and appears to come from a trusted source, such as a friend in the next room or a supervisor. Attackers are also very successful with messages that pretend to come from external companies such as telecommunications providers or couriers. It is easy to convince the victim to check a supposedly lost invoice or to track a delivery which in fact never reaches us.

The times when phishing emails were sent out in bulk to random recipients and contained a lot of language errors, which made it relatively easy to spot them, are over. Nowadays, attackers craft specially profiled messages for a specific group of recipients. Attacks of this type are preceded by a thorough analysis of information about their victims available on public networks and social networking sites. If the targeted company regularly uses services of certain subcontractors or suppliers, it is easy to use this to send an e-mail with an attachment pretending to be an amended invoice. Such targeted attacks are referred to as Spear Phishing.

Are there any means of defending against such attacks? The most important thing in such cases is vigilance and awareness of the threat - qualities that should appear in employees' personal development plans on an ongoing basis. It is impossible to predict all forms of attack, because each of us may be sensitive to a different kind of "bait". If the content of a message seems at all suspicious to us, it is always best to double-check it, e.g. by phone. It is worth looking more closely at the addresses of the links inserted in the message, for example, to see whether they contain spelling errors. Messages that urge quick action, e.g. urgent confirmation of a transfer or a document check, should also raise suspicion. Attackers often send such messages at the end of the working day, hoping that the victim will not dwell on the legitimacy of the content and will quickly carry out the requested action.
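The link check described above can also be automated, for example in a mail-reporting tool. The following Python code is an added example, not part of the original article: it extracts the links from an HTML message body, flags hosts that are one or two typos away from a trusted domain, and flags links whose visible text shows a different host than the real target. The trusted domains, the sample body and all function names are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed values: trusted domains (an assumption) and a sample e-mail body.
TRUSTED = {"example-courier.com", "example-telecom.pl"}
LOOKS_LIKE_URL = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$")
SAMPLE = ('<a href="http://www.exampel-courier.com/t?id=1">example-courier.com/t</a>'
          '<a href="https://example-telecom.pl/invoice">View invoice</a>')

def edit_distance(a, b):  # Levenshtein: number of typos separating two names
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):  # gathers [href, visible text] pairs
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def host_of(url):  # lower-cased host name without a leading "www."
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def check_link(href, text):  # reasons why this link deserves a second look
    host, reasons, text = host_of(href), [], text.strip()
    if host not in TRUSTED:  # one or two edits away from a trusted name
        reasons += [f"{host} resembles {good}" for good in sorted(TRUSTED)
                    if edit_distance(host, good) <= 2]
    if LOOKS_LIKE_URL.match(text) and host_of(text) != host:
        reasons.append(f"text shows {host_of(text)}, link goes to {host}")
    return reasons

def suspicious_links(html_body):  # {href: reasons}, flagged links only
    parser = LinkCollector()
    parser.feed(html_body)
    return {h: r for h, t in parser.links if (r := check_link(h, t))}
```

Calling `suspicious_links(SAMPLE)` reports only the misspelled courier link; a link to a host that resembles no trusted domain is not flagged by this check and still needs the manual verification described above.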

In fact, phishing is not always aimed at achieving a quick effect and profit for the attacker, as would be the case with a direct request to transfer money to a false account. Most often it is only a prelude to further attacks, such as taking over logins and passwords to IT systems, running malicious software on the user's machine or stealing credit card data. It is therefore a kind of gateway for hackers, and the final results of opening an e-mail are difficult to predict and depend only on the inventiveness and capabilities of the attackers. The best way to resist such attacks is to have regular social and technical tests carried out by experienced cyber security companies.

Contact


Adam Wódz

+48 22 2440000
