Phishing

What Is Phishing?

The most common social engineering attack, phishing is, simply, a ruse tricks a user into giving access, data, or money to bad actors.

During a phishing attack, the threat actor pretends to be a person or organization known to, and trusted by, the target and asks for access to a system or for financial information. The end goal of phishing is financial gain, access to a secure system, or both.

How Does a Phishing Attack Work?

A phishing attack has multiple steps:

The threat actor identifies a target. That target is often an internal user at an organization. However, individual consumers can also be targeted by attacks.
The threat actor pretends to be a trusted source for that user – be it an IT person or a representative from a trusted organization — and contacts the target. The traditional route for phishing is email.
The threat actor convinces the target to either give them access to secure systems, give them financial data (or other valuable data) or both.

Example of a Phishing Attack

American Airlines disclosed a data breach that was utilizing phishing techniques to gain access to employees’ files and data. The bad actor was able to hack a single employee’s Microsoft account, and then used that account to send phishing emails to other employees, requesting access to more assets.

Phishing vs. Smishing

Smishing, short for SMS phishing, is a form of phishing that utilizes mobile devices. As mobile devices have become more common tools for employees, especially as part of multi-factor authentication, bad actors are targeting these devices more.

The Anti-Phishing Working Group (APWG) “Phishing Activity Trends Report” noted that smishing attacks increased 70% in Q2 of 2022.

4 Common Phishing Techniques

1. Email Phishing

This is a cyber attack that uses email as a method of contacting potential victims. These attacks are typically mass-emailed campaigns that cast a wide net as phishing “lures” are sent to a vast number of recipients. The emails include a malicious link or attachment and try to get the person receiving the message to click on the link or open the attachment by expressing a sense of urgency, inciting fear or curiosity, or using some other enticing message.

2. Vishing

Phishing that resorts to scams via a phone call is called vishing. During vishing calls, cybercriminals often impersonate people of authority—like an IRS agent, a bank representative, or even a tech support person—to scare the target into taking action. The interaction moves fast. The caller tries to confuse and fluster the potential victim, making it a lot easier for the would-be victim to comply with the request.

3. Smishing

Smishing uses text messages (SMS) to send its malicious link. Anyone who owns a smart phone has likely received a text saying they won a prize or received a message with a similar lure. Attackers may also impersonate a legitimate company to entice the recipient to divulge sensitive information or download a malicious file.

4. Spear Phishing

Spear phishing typically involves a greater degree of social engineering. Such attacks target specific people with personalized emails that include valid information about the recipients to convince them of the sender’s legitimacy. Cybercriminals may root around on social media for information or just use an educated guess.

How to Spot a Phishing Attempt

A phishing attempt, whether it comes through email or through a mobile device, usually has similar characteristics that can help a target identify the threat:

There are misspellings or obvious grammar issues
The message asks for sensitive, valuable, or financial information
The message contains suspicious links
The message has a sense of urgency
The message is from someone who has never contacted you before, I.e the CEO of your organization

How To Prevent Phishing Attacks

1. Employee Security Awareness Training

Employees are the first line of defense when it comes to social engineering attacks. They are the targets and the ones who can stop the attack before it begins. The best training is frequent, engaging, and works to educate users on new threats.

2. Employ Multi-Factor Authentication

Multi-factor authentication helps prevent unwanted access by making a user verify themselves before gaining access. This tool can stop a phishing attack, because if the bad actor gains credentials, they will still be unable to bypass the multi-factor authentication verification.

3. Rotate Passwords Frequently

A threat actor can’t use credentials if those credentials have been changed. In addition to password rotation, many organizations utilize a credential vault which prevents users from ever knowing the passwords in the first place.

How Arctic Wolf Can Prevent Phishing

Arctic Wolf® Managed Detection and Response (MDR) solution provides 24×7 monitoring of your networks, endpoints, and cloud environments to help you detect, respond, and recover from modern cyber attacks. If a spear phishing attempt becomes a successful attack, MDR can immediately detect the new behavior and alert your IT team, helping you mitigate the attack.

Arctic Wolf® Managed Security Awareness employs engaging micro-learning sessions that help employees recognize social engineering tactics to prevent future threats from becoming data breaches.

Arctic Wolf

Arctic Wolf provides your team with 24x7 coverage, security operations expertise, and strategically tailored security recommendations to continuously improve your overall posture.

© 2024 Arctic Wolf Networks Inc. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Accessibility Statement	Information Security	Sustainability Statement	Cookies Settings

SOLUTIONS

INDUSTRIES

Quickly detect, respond, and recover from advanced threats.

Detect and respond to advanced threats targeting your cloud infrastructure and applications.

Discover, assess, and harden your environment against digital risks.

Explore, harden, and simplify your cloud environment against misconfiguration vulnerabilities.

Engage and prepare employees to recognize and neutralize social engineering attacks.

Recover quickly from cyber attacks and breaches, from threat containment to business restoration.

HOW IT WORKS

Delivering security operations outcomes.

Collect, enrich, analyze.

Ecosystem integrations and technology partnerships.

Tailored security expertise and guided risk mitigation.

Security experts proactively protecting you 24×7.

Meet some of the security experts working alongside you and your team.

TRENDING RESOURCES

Understanding ransomware — from its origins to its impacts to the TTPs that allow ransomware gangs to exploit victim organizations and make off with millions in ransom payments and extortion fees.

The elite security researchers, data scientists, and security developers of Arctic Wolf Labs share forward-thinking insights along with practical guidance you can apply to protect your organization.

Learn how our Concierge Security® and Triage Security Teams help end cyber risk.

SECURITY BULLETINS

CVE-2024-3400: Follow Up: Patches Released for Actively Exploited Critical Vulnerability in GlobalProtect Feature of PAN-OS

CVE-2024-26234 for Windows and CVE-2024-29053 for Defender for IOT highlighted in Microsoft’s April 2024 Patch Tuesday

CVE-2024-3400: Critical Vulnerability in GlobalProtect Feature of PAN-OS being Actively Exploited

COMPANY