Gone Phishing

Monday, 24 September 2018

While the art of magic is ancient, its traits of manipulation, misdirection and deception are increasingly used by modern day cyber criminals to create an illusion of legitimacy, enabling them to trick users into revealing sensitive information. Phishing is the term used to describe these efforts to bait victims into revealing usernames, passwords, birthdates, email addresses, phone numbers etc. Criminals then use this information to access other online accounts or to start fraudulent transactions. They go to great lengths to impersonate legitimate companies and unless users are paying very close attention, they can fail to spot very subtle changes. Phishing’s relatively lazy cousin, spam-email, does not actively seek log-in information in quite the same way. A play on the word fishing, developments have given rise to several new terminologies which describe various methods of phishing:

  • Spear-phishing –is when a specific individual or group of people are targeted.
  • Clone-phishing – criminals identify a legitimate recently sent email, then follow that up with an ‘updated’ version which will contain a fraudulent link. 
  • Vishing – the attack involves a voice element. The UK National Fraud & Crime Reporting Centre Action Fraud was impersonated in a vishing attack. Victims received a call which claimed to be from Action Fraud. It informed users their online banking had been compromised and led to victims providing remote access to cybercriminals.
  • Smishing – the attack involves a text message (SMS) element.

Unlike magic, phishing does not defy rational explanation - you can take steps to protect your corporate network by ensuring your staff know what to look out for. There are several common tactics adopted: emails will appear to be from a legitimate source, often having a sense of urgency and a request to click on a link or provide information. They will often appear to be business related, perhaps a shipping confirmation inviting you to click a link to track shipping, or a corporate email asking to update online security. Your team should be aware not to click on links within emails, always start with a fresh web search. Two factor authentication (2FA) should always be enabled where possible. Then, even if the cyber criminals obtain email addresses, user names etc they will not be able to access accounts.

While many phishing attempts seek sensitive information, others contain a link to malware with the aim of infecting your network. This approach will only work if your IT security is not up to date; they are hoping to find unpatched operating systems and other security flaws. Lucky charms and superstition won’t help here – but a multi-layered approach to cyber security will. We can advise on all aspects of your IT support and security systems and as ACE Practitioners of Cyber Essentials we can guide you through well trusted systems of protection which you need. Why don’t you contact us today for more information and a review of your IT networks.

RedMosquito provide IT support to SMEs across Glasgow, Edinburgh and throughout central Scotland.

footer-logo

T 0141 348 7950 enquiries@redmosquito.co.uk
Glasgow 27 Panorama Business Village, Glasgow. G33 4EN
Edinburgh 8 Albany Street, Edinburgh EH1 3QB

KEEPING SOCIAL

facebook gplus twitter linkedin

ABOUT US

Formed in 1999 Red Mosquito provide a complete one-stop technical consultancy service offering managed services IT support, computer maintenance, computer networking and Cloud Services to businesses in Scotland and beyond. We operate as a complete outsourced IT department dealing with all of the day to day administration and configuration of our client's systems.

Based at our Operations Centre in Glasgow and in Edinburgh, we're in the business of providing top quality IT services driven by our passion for technology. Our team of experienced IT support engineers operates throughout Scotland keeping your servers and desktop computers running smoothly so that you can concentrate on what's really important - your business.

We are your IT department.

Case Studies

  • Russel & Aitken

    Founded in Falkirk in 1818 Russel & Aitken is one of the oldest legal firms in Scotland. From the start they have been associated with innovative new technologies and today they continue to maintain a modern and progressive approach to their business.

  • CMS Windows Ltd.

    When Red Mosquito started working with CMS in early 2011 our first task was to fully understand a complex business and the needs of its employees....