HomeAnalyst Training
Phishing: Types of Attacks and How to Avoid Them
HomeAnalyst Training
Phishing: Types of Attacks and How to Avoid Them

Nowadays, cybercriminals need not find a way to get through the security system. They can penetrate any company using their passwords, which they collected from phishing attacks.  Company losses and phishing have a strong connection. In 2020 the figures for the 1st quarter are overwhelming: 165,772 phishing sites were identified. (as reported in the recent statistics). Let’s find out what it is and how to avoid it.

What is Phishing? 

Phishing is cybercrime, its goal is to get access to confidential data, for example, personal information, passwords, etc. It is often manifested as an email, telephone, or text message on behalf of different services.

The results of these attacks can be awful. Companies that face phishing may turn out to have huge financial losses, data loss. And don’t forget about quite fragile things like reputation or customer trust. Who knows how much time is needed to recover after it?

Companies connected with finances and payment areas are more likely to be attacked by phishers. But the most common victims are users of webmail and SaaS. Organizations whose main sphere is high technology are also at risk. 

Google and Facebook’s total financial loss suffered in the phishing attack is estimated at $100 million in 2018.

The financial loss of Pathé, a major film production and distribution company amounted to €19 m. A phisher pretended to be CEO and asked a senior executive to transfer money to a fake account. 

Common Types of Phishing Attacks

Phishing is an example of an Internet scam that involves sending emails that look authentic (a message, logo, direct link to the site of so-called service) where you’re asked to give you your personal information. Moreover, this link can lead to a malware installation, stealing sensitive information, or it can be a part of a larger attack, for example, ransomware. Let’s have a look at the types of attacks to get the entire picture of possible phishing actions.  

  • Spearphishing

The Spearphishing goal is a specific company or user. Targeted attacks are highly dangerous, cybercriminals spend a lot of time gathering information concerning the exact recipient. Spearphishing has 3 forms: attachment (malware is there), link (malicious file for downloading), and third-party service(messages from social media or webmail). Usual phishing has a lot of goals and their mass approach isn’t as successful as spear one, where everything is designed for only one target. 

  • Whaling

This type is very close to spearphishing, the only difference is that it targets senior management positions. The stolen information is much more valuable, that’s why it takes longer to create a phishing email.

  • Pharming

Pharming is an advanced type of phishing. Instead of going to a site, you are redirected to a fake one. This is executed by poisoning your cache on DNS. You need to be careful while downloading programs and opening emails, as pharmers can work both from the browser’s cache and malware on your computer. 

  • Vishing and Smishing

Vishing and Smishing are types of phishing, in which cybercriminals contact their victims via phone calls or text messages to get some sensitive information from them. In both cases, it’s better to investigate whether it was a contact from a valid company.

How to Avoid Phishing Attacks?

Protection from phishing attacks will be effective if employers and organizations work together.  

  1. Organizations should be on the lookout, as they might be dealing with different types of attacks. Two-factor authentication, frequently changing passwords, and staff education should be a part of your internal work.
  2. Having antivirus software and updating all systems regularly can protect you from these attacks. 
  3. Employers need to be attentive enough to spot who they are receiving messages from. Also, you should check if there are any spelling mistakes in emails or domain names, a scam usually has ones. 
  4. And of course, there is no need to click on a suspicious link or attachments. Take your time to find out what is exactly in front of you. If you’re confused anyway, you can use ANY.RUN to analyze doubtful emails. You will spend several minutes and will be sure of your safety. 

How ANY.RUN Can Help to Identify Phishing?

Phishing is one of the effective ways to penetrate organizations. A lot of cybercriminals start their attack with it. To avoid different defense software, they pack and encrypt their malware. Our solution can help you to see the file’s true colors. 

If you suspect the file or a link to be a part of a phishing attack, there is a way we would like to offer you:

ANY.RUN can analyze a file from your computer and give you a detailed text report of what is included there. 

So, how does ANY.RUN work?

If you think you’re dealing with an untrusted file or a link, the safe solution can be in malware sandboxes. Analysts run a file or link in a virtual environment and then watch it in action: what the suspicious file is going to do. In the end, you get a report to identify malware.

Our service can pretend to be a real machine to deceive malware and make it act. Owing to the interactivity of ANY.RUN you can manage the simulation and work with the virtual environment (such as dragging a mouse, tapping keys, entering data, and monitoring traffic).  Moreover, you can set the parameters of the simulation.

ANY.RUN can work with various operating systems and browsers. Sometimes phishing decoys look different in other browsers. With our service, you can execute analysis with a broad range of opportunities.

If you are interested in different phishing attacks and their examples, you can click on a phishing tag in the task. 

After that, you will see the whole cluster of different types of phishing tasks that were run in our service. 

This wide library is available for all users and anytime you can get acquainted with various examples of phishing. Right now there are a great number of such tasks in our service. It can help you be ready for any kind of attack. 

Whenever you spot anything suspicious going on, you can check it with the help of ANY.RUN! 

Popular Examples of Phishing Scams 

It is reported that phishers usually imitate well-known companies. They use brands to fake domains, URLs, websites, and others. As it was mentioned above, ANY.RUN has a wide range of public submissions, and we would like to share some examples from our cluster with you. 

Microsoft is the most used brand name for phishing in our submissions. Numerous sign-in forms, references in emails, links to sites. In the pictures below, you can see malicious examples of using this company’s name. 

In 2019 there was a phishing link to a false Netflix sign-in form where a user is forced to fill forms with his confidential information. You can have a look at how we followed this link with ANY.RUN in this video.

 This phishing scam aims to steal your email account password to Adobe.

The same situation happens with Office 365.

Conclusion 

Cybercriminals use different techniques to organize phishing attacks. To detect them, you need to pay attention even to the smallest details. Logos, messages, links — everything can be malicious and lead to severe losses. 

Of course, it’s better to be sure of what you’re dealing with. Besides various anti-phishing services, we advise you to analyze a suspicious file in our sandbox. If you execute them in ANY.RUN risking no harm to your operating system, you’ll understand whether you can trust it or not. Phishing becomes more popular, but we have your back!

What do you think about this post?

1 answers

  • Awful
  • Average
  • Great

No votes so far! Be the first to rate this post.

1 comments