Since the beginning of the 2000s, phishing has been the most popular tool used by attackers to steal sensitive information, and it works.
Everyone, from the CEO of a company to the average user, is regularly targeted.
A successful phishing attack can retrieve your confidential information that may be used to do nasty stuff like commit fraud in your name, take over your accounts, and control your servers.
What is Phishing?
In a phishing scheme, attackers contact victims, disguising themselves as trustworthy persons or institutions, to steal their information.
For example, they may send you an email impersonating your bank service. Some attackers are exceptionally good at falsification; the email address and content of the message can look legitimate.
They may inform you that your account’s password was reset, you won a prize, you owe money, or another alarming message to prompt you to take immediate action.
The immediate action usually involves clicking on a malicious link they provide.
Once you click that link, it may redirect you to a fake webpage that looks like the impersonated person’s official website. There, attackers can steal the sensitive information you input.
In other cases, the redirected link triggers malware download to your system. Check our article about malware to learn more about this attack vector.
Attackers may use typosquatting; domains under their control look remarkably similar to the legit ones, like www.facelook.com.
But this modus operandi is not only employed by criminals! Companies and governmental intelligence agencies also use it for economic or political reasons. For example, this is how foreign ministries, embassies, and even the Dalai Lama’s Tibetan exile centers were compromised.
As with the attacks covered in previous articles, there exist plenty of tools publicly available to perform phishing. Here’s an example.
What Do Attackers Do with Your Stolen Data?
With your stolen information, the attacker may impersonate you on the target application.
If the attacker gets to access your bank service, it will try then to steal your money and cash out by
- Purchasing products on internet marketplaces with your credit card details
- Purchasing gift cards
- Transferring your funds to a mule account
- Using wire-transfer services or cryptocurrencies.
More Nefarious Consequences of Phishing
In recent years, we started to register an increasing number of botnets and ransomware attacks.
A botnet is a network of devices infected by malware controlled remotely by a Botmaster. Botnets are usually used to perform Denial of Service (DoS) attacks.
Botmasters use mainly phishing to recruit new machines to their networks.
Ransomware is a type of malware that encrypts all your files and demands you pay a ransom to recover them back. Again, phishing is what attackers typically use in the first place to infect your system.
Symptoms of a Phishing Attack
Be very wary here! Attackers often use as phishing vectors:
- Emails, Messages, text messages, and social media posts,
- Websites asking for login credentials.
Here are some hints indicating they may be fraudulent:
- Shortened links,
- Grammar errors, unusual language,
- Strange URLs,
- Message content prompts to take immediate action.
If you fall victim to this schema, you may experience many symptoms. For example, you would find:
- Financial transactions you did not perform,
- Your account is locked,
- Spam being sent from your email and social media account,
- Other websites’ security systems block your IP and more.
Types of Phishing
We can classify phishing attacks by the media employed and targets.
Spear Phishing
In Spear Phishing, the attack is focused on a unique target. The individual is first investigated to craft a phishing message that is very likely to be trusted.
That is one reason why you should be very careful about what you share on the internet, for example, on social media!
Whaling
Whaling is a particular case of Spear Phishing in which the target is a high-profile individual, such as an executive or a famous person.
A remarkable example of a successful whaling attack is the case of an executive-level HR employee at Snapchat. The attacker disguised themselves as the company’s CEO and obtained the payroll information of the company’s employees.
Vishing
Vishing comes from Voice phISHING; the attacker tries tricking the victim over verbal communication channels like telephone or VoIP. This type of phishing was the most prevalent in the previous century.
Still, nowadays, phones are the second most common media fraudsters employ.
Smishing
Smishing comes from SMS phishing. Here, the media the attackers uses is mobile phones’ text messages.
Smishing attacks related to Covid aids and fines have victimized people worldwide recently.
Email Phishing
Here the media used by the attacker is email. It’s the most common type of phishing. This schema works as we explained in the example from the first section.
Top Phishing Statistics
Phishing has a high prevalence in cyberattack statistics. According to Verizon Data Breach Digest, 90% of all data breaches involve phishing.
Phishing seems to be on the rise. According to the FBI 2020 Internet Crime Report, phishing incidents more than doubled from 2019 to 2020.
How can you defend against Phishing?
Phishing seems to be on the rise. According to the FBI 2020 Internet Crime Report, phishing incidents more than doubled from 2019 to 2020.
Here are some tips to be safe!
Don’t Rush! Verify Yourself!
Take your time; don’t hurry to reply to an email prompting you to act immediately. Attackers will try to trigger your emotions so you make the wrong decision quickly.
Check first by other means the rightness of the message
For example, if you receive an email saying you won a prize, check on the internet if the organization is trustworthy. Consider that if you didn’t take part in a lottery, you couldn’t have won.
If you receive a message from the government saying you owe money, contact the institution on their official media to confirm.
Beware Where You Click
Attackers rely on users clicking on malicious links in emails, social media, or pop-up ads that lead to fake websites they control or even malware installation.
Even if you receive an email from someone you trust, the email still could have been sent by someone impersonating the person you trust.
You may check if a website is trustworthy here and by researching forums on the internet.
Use Multi-factor Authentication
If you have it enabled, attackers won’t be able to access your accounts even if they got to retrieve your credentials.
Web Services usually have an option for enabling two-factor authentication (2FA).
According to Microsoft, multi-factor authentication can prevent 99.9% of account compromise attacks.
Use Spam Filters
A spam filter is handy for separating legit emails from unwanted ones, and the rate of false positives is low.
The most popular webmail services, such as Outlook, Gmail, and Yahoo Mail, use this feature by default.
Consider Cyber Insurance
In addition to technical measures, it's wise to consider the role of cyber insurance in safeguarding your digital life. Cyber insurance can provide an extra layer of security, offering coverage for losses due to cyberattacks or data breaches.
How can BitNinja Protect against Phishing?
Using security software is important to avoid human errors that can transform into catastrophes. BitNinja has great features to protect you, even if you happen to click that link you shouldn’t have.
- The BitNinja Malware Detection module can detect malware in real-time, even if its code is obfuscated. Attempts to download malware to your system won’t pass through.
- The BitNinja SenseLog module detects and bans IPs associated with malicious events in your logs. For example, the supervisor API ApacheRecommendedSite prevents spamming attempts from known botnets.
- Finally, there's the Real-Time IP reputation module. It has a constantly updated and vast list of malicious IPs worldwide. Attempts of connection coming from these IPs are blocked directly.
Why is BitNinja Different from other Anti-Phishing Solutions?
BitNinja counts with features backed by state-of-art technology in different areas:
- The Real-Time IP reputation module contains information on 70,000,000 IP addresses worldwide. All BitNinja servers share this data in real time.
Example for Phishing
Phishing had success even with very high-profile targets. For example, in 2020, attackers got to hack into Twitter administrative accounts.
They did by employing a technique known as SIM Swap Fraud. That involves using Vishing to convince Telecom companies’ employees that you own a particular phone number.
After that, they received two-factor authentication messages to break into the desired accounts.
Once inside, the attackers had access to internal tools that enabled them to take control of any account. With that capability, they could impersonate famous users such as Barack Obama, Elon Musk, and Bill Gates to send phishing messages with a Bitcoin scam.
Phishing FAQs
Can I Customize the List of Blocked IPs with BitNinja?
Yes, you can add IP addresses via your BitNinja Console, from the CLI, or through the API.
All changes are processed immediately, and your server is instantly protected with the updated security settings.
If necessary, you can also manage IP ranges, block countries, and even ASNs with customized time frames to eliminate attacks from specific regions.
How Can I Check the IPs of those Sending Me Phishing Emails?
You can see the history of IP addresses and their details on your BitNinja Console in the Phishing Sites section.
Protect your servers from phishing and any threats. Cybersecurity is not optional anymore. It is a must! If you haven’t tried BitNinja yet, don’t forget to register for the 7-day free trial! No credit card is needed!
Free Trial
We are always happy to help you! If you have any questions, check out our Knowledgebase, feel free to ask at info@bitninja.io, or you can even reach us on the Dashboard chat!
Let’s make the internet a safer place together!
