The Rise of Phishing Scams in Cyber Attacks
A Saltmarsh Guide to Securing Your Company Data
12/5/2024 - By Chase Sims
Phishing scams have become one of the most prevalent and dangerous forms of cyber attacks. These scams often involve tricking individuals into providing sensitive information, such as login credentials or financial details, by masquerading as a trustworthy entity. The sophistication of these attacks has increased significantly, making them harder to detect and prevent.
Microsoft 365 & Industry Tactics
Phishing attacks targeting Microsoft 365 users have become particularly common. Attackers often use tactics such as:
- Impersonation of Trusted Services: Attackers send emails that appear to come from services like Dropbox or DocuSign, urging users to click on malicious links or download harmful attachments.
- Business Email Compromise (BEC): The attacker gains access to, or convincingly spoofs, a business mailbox, quietly monitors the email threads between the companies, and intervenes at a critical moment (an invoice, a payroll change, a set of wire instructions) to redirect a payment or extract sensitive information.
- Credential Harvesting: Fake Microsoft 365 login pages capture usernames and passwords as users attempt to sign in. Current adversary-in-the-middle (AiTM) phishing kits go further: they proxy the real login page, so the victim completes a genuine MFA prompt and the attacker captures the resulting session cookie, which bypasses SMS- and app-based MFA.
- Drive-by URL: The user’s device is infected simply by visiting a compromised or malicious website that exploits an unpatched browser, plugin, or operating system. Unlike attacks that need the user to download or open a file, a drive-by download requires no interaction beyond loading the page, which is why keeping browsers and endpoints patched matters.
More on Business Email Compromise (BEC)
- My privacy! – Having a stranger read your mailbox is deeply invasive, and it happens far more often than most people realize. Many companies are still slow to adopt Multi-Factor Authentication (MFA), and the customers and vendors who correspond with you from personal mailboxes often have no MFA, auditing, or mail filtering at all, so a compromise on their side can be turned against you.
- Pay me now! Wire transfer! – Cybercriminals often sit and watch the email exchanges between two or more people to “scope out” the job before acting. Think of a bank heist documentary: the robber studies the target until they know the routine, then strikes at the moment the money moves.
- WHAT EMAIL!? – Once inside a mailbox, the cybercriminal usually creates Outlook inbox rules that forward or redirect new mail to an external address the attacker controls, and often adds rules that delete or file away replies so the victim never sees the conversation. Administrators can prevent the forwarding half of this in Microsoft Exchange Online by turning off automatic forwarding to external domains in the outbound spam policy (and on the Default remote domain), and should periodically audit inbox rules for external forwarding targets.
- I forgot my keys! – If you believe you have been compromised, call your IT support desk immediately. The support desk will disable your account, revoke every active session and refresh token, and reset your password, locking the attacker out in the process. Tokens already issued can remain valid for up to about an hour after revocation, so disabling the account comes first. Expect a review of your inbox rules and registered MFA methods before the account is re-enabled.
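The forwarding-rule audit, the tenant-wide block on external auto-forwarding, and the account containment steps above, worked through as an added example in Exchange Online and Microsoft Graph PowerShell. This is not Saltmarsh’s code; it assumes the ExchangeOnlineManagement and Microsoft.Graph modules are installed, an operator holding the Exchange Administrator and User Administrator roles, and that the $CompromisedUser value is a placeholder for the affected account.

```powershell
# Added example (not from the original post): hunt for external auto-forwarding
# rules, block auto-forwarding tenant-wide, and contain a compromised account.
# Assumes: ExchangeOnlineManagement + Microsoft.Graph modules; Exchange
# Administrator and User Administrator rights. $CompromisedUser is a placeholder.
$CompromisedUser = 'jane.doe@example.com'

Connect-ExchangeOnline

# --- 1. Hunt: inbox rules that forward or redirect mail outside the tenant ---
# Accepted domains count as internal; any other target domain is external.
$internalDomains = (Get-AcceptedDomain).DomainName | ForEach-Object { "$_" }

$suspectRules = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    foreach ($rule in Get-InboxRule -Mailbox $mbx.UserPrincipalName) {
        # Recipients stringify as '"Name" [SMTP:user@domain]'; pull the address out
        # and keep only those whose domain is not one of ours.
        $external = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) + @($rule.RedirectTo) |
            ForEach-Object { if ("$_" -match 'SMTP:([^\]]+)') { $Matches[1] } } |
            Where-Object { ($_ -split '@')[1] -notin $internalDomains }
        # Attackers also hide the conversation: a rule that silently deletes mail.
        if ($external -or $rule.DeleteMessage) {
            [pscustomobject]@{
                Mailbox         = $mbx.UserPrincipalName
                Rule            = $rule.Name
                Enabled         = $rule.Enabled
                ExternalTargets = ($external -join ';')
                DeletesMail     = [bool]$rule.DeleteMessage
            }
        }
    }
}
$suspectRules | Format-Table -AutoSize

# Disable a rule the hunt identified (rule name from the table above):
# Disable-InboxRule -Mailbox $CompromisedUser -Identity 'RuleName' -Confirm:$false

# --- 2. Prevent: refuse automatic forwarding to external domains tenant-wide ---
# Outbound spam policy: 'Off' rejects auto-forwards (inbox rules and SMTP forwarding).
Set-HostedOutboundSpamFilterPolicy -Identity Default -AutoForwardingMode Off
# Belt and braces: the Default remote domain also refuses auto-forwarded mail.
Set-RemoteDomain -Identity Default -AutoForwardEnabled $false

# --- 3. Respond: lock the account, then kill every signed-in session ---
Connect-MgGraph -Scopes 'User.ReadWrite.All','User.RevokeSessions.All'
Update-MgUser -UserId $CompromisedUser -AccountEnabled:$false
# Invalidates refresh tokens and browser sessions. Access tokens already issued
# keep working until they expire (up to about an hour), which is why the
# account is disabled first.
Revoke-MgUserSignInSession -UserId $CompromisedUser | Out-Null
# Follow-up before re-enabling: reset the password, review registered MFA
# methods, and re-run step 1 against this mailbox.

Disconnect-MgGraph
Disconnect-ExchangeOnline -Confirm:$false
```

Run step 1 on a schedule, not only during an incident: a rule forwarding to an unfamiliar external domain is one of the earliest observable signs of BEC, and it is cheap to check. Step 2 will break any legitimate forwarding users have set up, so inventory those first and replace them with shared mailboxes or mail contacts where they are genuinely needed.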
Other Industry Tactics
- Spear Phishing: Highly targeted attacks aimed at specific individuals within an organization, often using information gathered from social media or other sources to make the attack more convincing.
- Clone Phishing: Attackers create a nearly identical copy of a legitimate email that the victim has previously received but with malicious links or attachments.
Smishing: A Growing Threat
Smishing, or SMS phishing, is a variant of phishing where attackers use text messages to deceive victims. These messages often appear to come from legitimate sources, such as banks, delivery services, or even government agencies. Common tactics include:
- Urgent Alerts: Messages that claim there is an urgent issue with your bank account or package delivery, prompting you to click on a link or call a number.
- Fake Promotions: Offers of free gifts, discounts, or prizes that require you to provide personal information or click on a malicious link.
- Verification Requests: Messages asking you to verify your account details or login credentials.
Securing Yourself Against Phishing Attacks
To protect against phishing scams, it’s essential to implement robust security measures:
- Multi-Factor Authentication (MFA): Requiring a second form of verification beyond the password significantly reduces the risk of unauthorized access. Not all second factors are equal: SMS codes can be intercepted through SIM swapping, and both SMS and app codes can be relayed by an adversary-in-the-middle phishing page, so prefer an authenticator app with number matching or, better, a phishing-resistant method such as the FIDO2 keys described below.
- OAuth Tokens: Modern authentication issues short-lived, scoped OAuth tokens instead of handing your password to every application, which limits how far a single exposure spreads, and an administrator can revoke a user’s tokens and sessions when a compromise is suspected. Tokens are themselves a target, though: attackers steal session tokens through AiTM phishing and trick users into consenting to malicious OAuth applications, so periodically review the applications that have been granted access to your tenant.
- FIDO2 Keys: Hardware security keys (and platform passkeys) built on the FIDO2/WebAuthn standard provide strong, phishing-resistant authentication. The credential is bound to the legitimate site’s origin, so a lookalike login page receives nothing it can replay, and there is no code for a user to be talked into reading out.
- Best IT Hygiene Practices: Regularly updating software, using strong and unique passwords, and educating employees about the dangers of phishing can help maintain a secure environment.
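A way to make the FIDO2 recommendation enforceable rather than optional, added here as an example that is not part of the original post: a Microsoft Entra Conditional Access policy that requires the built-in “Phishing-resistant MFA” authentication strength for Global Administrators. It assumes the Microsoft.Graph PowerShell module, an Entra ID P1 licence, and an emergency-access (break-glass) account whose object ID replaces the $BreakGlassId placeholder. The policy is created in report-only mode so an incomplete FIDO2 rollout cannot lock administrators out.

```powershell
# Added example (not from the original post): Conditional Access policy that
# requires phishing-resistant MFA (FIDO2 keys, passkeys, Windows Hello for
# Business, certificate-based auth) for Global Administrators.
# Assumes: Microsoft.Graph module, Entra ID P1, and a break-glass account.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess','Policy.Read.All'

# Placeholder: object ID of the emergency-access account that must never be locked out.
$BreakGlassId = '00000000-0000-0000-0000-000000000000'

$policy = @{
    displayName = 'CA-ADMIN-PhishingResistantMFA'
    # Report-only: evaluate and log, enforce nothing. Switch to 'enabled' once
    # the sign-in logs show every admin already satisfying the strength.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            # Global Administrator role template ID (the same in every tenant)
            includeRoles = @('62e90394-69f5-4237-9190-012177145e10')
            excludeUsers = @($BreakGlassId)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator = 'OR'
        # Built-in authentication strength "Phishing-resistant MFA"
        authenticationStrength = @{ id = '00000000-0000-0000-0000-000000000004' }
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State

# Confirm which method combinations the referenced strength actually allows,
# so nobody is surprised that SMS and authenticator-app codes do not qualify.
Get-MgPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId '00000000-0000-0000-0000-000000000004' |
    Select-Object DisplayName, AllowedCombinations

Disconnect-MgGraph
```

Leave the policy in report-only mode until every administrator has registered a FIDO2 key or passkey and the Conditional Access insights show no failures, then flip the state to enabled. The excluded break-glass account should use its own long, randomly generated password stored offline, with sign-in alerting, since it is deliberately outside this control.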
By staying vigilant and adopting these security practices, individuals and organizations can better defend themselves against the ever-evolving threat of phishing scams.
Ready to Level Up Your Security Game?
Partner with Saltmarsh for expert guidance in process improvement in your IT Practices. Saltmarsh can help you assess your current processes, implement improvements and support ongoing evaluation. Don't let inefficiencies hold you back—contact Saltmarsh today.
About the Author | Chase Sims
Chase is an IT consultant in the Information Technology Services practice of Saltmarsh, Cleaveland & Gund. He provides technology and network support services for all levels of the firm’s business information technology clients, including hardware and software solutions. He has over five years of experience in implementing new technologies and creating solutions to resolve information technology issues for businesses.