I really appreciate Kevin's fast action and solution to fix our problem.
According to Keepnet, 85% of all U.S. organizations have experienced an attempted or successful phishing attack. If dealing with a phishing attack on regular days is nerve-wracking, how much worse can it be in the middle of a crisis?
Bad cyber actors tend to weaponize global events, and the COVID-19 pandemic is no exception. There’s a widespread surge in cybercrimes, with cyber attackers creating more than 1.5 million phishing sites every month. In this read, we look at how phishing attacks have evolved over the years, common COVID-19 phishing tricks, and how you can keep your Chicago business safe.
Outsource IT Solutions Group has been providing top-tier IT services to Chicago businesses since 1998. We have well-trained and certified technicians with years of professional experience in IT support.
Initially, phishers only targeted individuals with PCs or telephone devices and demanded a few bucks as ransom. Even when they started targeting corporate networks, they’d launch attacks on several organizations and spread the ransom fees across many firms.
Things got worse when the cyber actors began concentrating on attacking individual businesses. This means that they have more time to learn your systems and communication patterns to gain a firmer grip on your network before launching an attack. The attackers no longer just threaten to destroy your files. They know how much you wouldn’t want your sensitive data to be exposed to the public; hence promise to do just that if you don’t pay up.
However, the present-day phishing attacker doesn’t only seek to manipulate you into giving them a few bucks; they will first try to get the money by themselves. Let’s look at a few common examples to put things into a better perspective.
Closely tied to fake internal memos are ‘booby-trapped’ HR compliance forms. Most of these come with customized HTML attachments, complete with the worker’s full names. The attacker may even include phrases like “do not give your passwords to unknown people” to further win the employee’s trust. On clicking the attachment, users are redirected to a Sharepoint document with the purported policy changes and an acknowledgment link below. When the worker opens the link, they’re taken to a landing page where they will key in their emails and passwords. And just like that, the cyber attackers get to spoof the credentials they need to launch a phishing attack.
As you must have noticed, phishing attacks heavily rely on malicious emails.
Moving into 2021 and beyond, we can only expect that phishing attacks will aggravate. Our advice — you should enhance cybersecurity efforts around keeping off malicious emails from your inbox.
Outsource IT Solutions Group is here to help you whenever you feel lost or need an extra hand. You can always give us a call at (630) 701-3393.