Email Header Manipulation
When most people imagine the masked villain behind a phishing attack they picture a high-tech brainiac gone rogue. However, phishers are having great success with low-tech alternatives, and that should raise concern if your user-base doesn’t know what to look for.
Here’s what they’re doing: The hacker sends an email to a user within the organization asking a basic question — no fancy links and no sneaky malware. They say something like, “I’m in a meeting right now but was wondering if you could do me a quick favor. Able to help?” The only sly maneuver the attacker takes is that he spoofs the “From:” address to appear as if the email is coming from that top member of the company who is supposedly “in a meeting”. If a response is given, it is followed by a seemingly benign request such as, “Can you buy some gift cards for an upcoming client appreciation day? And once you’re done, just shoot me the cards’ details so that I can verify they work.”
While this attempt may seem easy to spot, it often gets overlooked since the request is so straightforward and it comes from someone of authority. From a security aspect it shows that the thief is taking the time to research the target; they are willing to play it slow. There is no request to download a document or follow a link, and using this low-tech approach, criminals are able to slide under the radar of an untrained user.
The human element of cyber security can be your weakest link or your strongest defense. An uneducated user can circumvent almost any defense measure with a simple click, but an educated user who has received proper training will often be able to sniff out an attack before it becomes a problem. In recent years it was found that 32% of security incidents were initiated by human error, 25% involved phishing, and 23% via ransomware, but these numbers are dramatically decreased in environments where consistent security training is provided. Tools are only able to protect to a certain degree, and user education is the only sure-fire way to mitigate these threats.
Are your users well-trained to identify phishing attacks like these? If not, get in touch to learn more about the ways that Symplexity can help keep your organization safe.