Phishing attacks are the Swiss Army knife of cyberattacks. With a well-crafted email and lookalike website, you can trick many people into handing over their personal information. You might even convince them to download and launch a file that looks perfectly innocent. In a double-click, that file installs malware and phones home to report that the backdoor to your network is open.

Do you know how to spot a phishing email? We provided a few tips on recognizing them last year. However, more sophisticated phishing attacks are taking things to the next level. Here are their latest tricks.

Deceptive Domains

Most people are familiar with hovering or long-pressing a link to see what address you’re about to open. One look at “randomstuff549.ru”, and you’re not clicking anything in that email. The latest phishing trick includes putting a legitimate domain in front of a malicious one.

Lately, we’ve seen emails about someone signing into a Google account on the other side of the world. Everything about the email looks legitimate. Hovering over the “Change Password” button, you see…

http://myaccount.google.com-securitysettings.abc-security.net/signonoptions/

It starts with “myaccount.google.com,” so it must be ok. Right?

If you look carefully, you’re actually visiting a subdomain of “abc-security.net”. Everything before “abc-security.net” is just there in hopes that you won’t look past the first portion. Some domains have reportedly been up to 1,000 characters long. Try finding the real domain in that mess.

International Characters

One of the sneakiest tricks involves swapping out letters for international characters. You’re on pitcrewit.com right now. Replace the “e” with “é”, and you’ll end up on a completely different website. (Don’t do it. We have no idea where it goes.) Anyone could easily miss the difference between mybankswebsíte.com and mybankswebsite.com.
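To make the two checks above concrete (find the real domain at the end of the hostname, and look for international characters), here is a small link checker. It is an added example, not code from the original post. The TRUSTED list, the function names and the "last two labels" rule for the real domain are assumptions made for the illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed allow-list for this example; substitute the domains you actually use.
TRUSTED = {"google.com", "mybankswebsite.com"}

def registrable_domain(host):
    # Assumption: the real domain is the last two labels. That is wrong for
    # suffixes such as co.uk; production code should use the Public Suffix List.
    return ".".join(host.rstrip(".").split(".")[-2:])

def strip_accents(text):
    # Decompose accented letters and drop the combining marks ("í" -> "i").
    # Catches accent swaps only, not look-alikes from other alphabets.
    decomposed = unicodedata.normalize("NFKD", text)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def inspect_link(url):
    host = urlsplit(url).hostname or ""
    real = registrable_domain(host)
    findings = []
    if real not in TRUSTED:
        # Deceptive prefix: a trusted name appears in front of the real domain.
        for name in sorted(TRUSTED):
            if name in host:
                findings.append(("deceptive-prefix", name))
        # Accent swap: the real domain matches a trusted one once accents go.
        if strip_accents(real) in TRUSTED:
            findings.append(("accent-lookalike", strip_accents(real)))
    # Any non-ASCII or punycode (xn--) label deserves a second look.
    odd = [unicodedata.name(c, "UNKNOWN") for c in host if not c.isascii()]
    if odd or any(label.startswith("xn--") for label in host.split(".")):
        findings.append(("international-characters", ", ".join(odd)))
    return {"host": host, "real_domain": real, "findings": findings}

if __name__ == "__main__":
    for link in (
        "http://myaccount.google.com-securitysettings.abc-security.net/signonoptions/",
        "https://mybankswebs\u00edte.com/login",  # the accented "í" look-alike
        "https://myaccount.google.com/signonoptions/",
    ):
        print(inspect_link(link))
```

The first link is reported with a real domain of abc-security.net and a deceptive "google.com" prefix, the second as an accent look-alike of mybankswebsite.com, and the third comes back with no findings.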

Don’t Trust the Padlock

Sites utilizing an SSL certificate for encryption appear with a padlock next to their domain in browsers. (Look in the address bar above, and you’ll see one next to our domain.) A missing padlock used to be an instant sign of an illegitimate site. The warning still stands. If you don’t see one, you should be very careful on that site.

If you do see a lock, that doesn’t really mean you’re safe. Yes, your connection will be encrypted. However, it just means a 4th party can’t steal the information being passed to the 3rd party that’s actually stealing your information.

Quiz Yourself & Be Safe

Google released a phishing quiz earlier this year. Test your ability to recognize phishing and avoid becoming another victim. If you aren’t sure, don’t click anything and just hit the delete button. Visit the legitimate site by typing the address directly into your browser, and then log in. Better safe than compromised.
