Phishing IT Security

Phishing IT Security Oxford

Has your business been affected by Phishing?

What is Phishing?

Phishing is the fraudulent attempt of obtaining sensitive, important information such as usernames and password credentials, address and credit card details by disguising oneself as a trustworthy entity of a digital media organization.

The gathered information is then used to access important accounts and can lead to identity theft and financial loss.

Every day our clients are being targeted and tested with exploits that are getting sneakier – scammers and hackers are stepping up their game, which means we need to step up our security and our awareness to scams.
Today, we want to give you some guidance on how to spot scams and offer you an audit to make sure your staff are secure. Please forward the below email to your colleagues to help prevent malicious attacks. The cryptolocker viruses (like the Wannacry virus that hit the NHS) mean that just one user can spread a crippling virus across the whole business with one mistaken click

Types of Phishing?

Clone Phishing

Term refers to is when a previously legitimate email had its content taken, and was used to create an almost identical clone email. And the content of the email would be replaced with malicious content. After which it would be sent to look as if it would be coming from the original sender.

Spear Phishing

Term refers to an attempt directed at specific individuals and companies. Attackers normally gather personal information and use it to increase their probability of success.

Whaling

Term refers whenever an attach is directed specifically towards a senior executives of staff and other high profile targets. The culprits will try to craft content to match the target.

How to protect your business and prevent Phishing?

It all begins with security awareness training. It needs to be regularly updated, because of the constant atacks which are aimed at companies and individuals. The phishing techniques are getting more dangerous, as they sometimes can be hard to differentiate, so training must be held to reflect on current and new phishing attacks, as well as teaching new users to :

How to identify phishing attacks
To be cautious of pop-ups on websites
To think twice before clicking on links sent via email or other messages. Users knowledgeable enough to hover over the link to see where it goes can avoid accessing malicious pages.
To verify a website’s security by ensuring that the URL begins with “https” and that there’s a closed lock icon near the address bar

How can Computer Assistance help you?

We run test phishing campaigns for your business, to educate users on the dangers of phishing.

We can set up a phishing test email for you, a fake attack that looks real, in order to test how security conscious your users are. Several clients have undertaken the test with varying results but in all cases, at least one user has been susceptible and clicked on the ‘shady’ link. The test is free to set-up and there will only be a flat-fee of £250.00 if any of your users click on the link. If your employees are smart and don’t get tricked, you pay nothing!

ESET Antivirus with anti-phishing protection.

ESET Smart Security, ESET Smart Security Premium, ESET Internet Security, and ESET NOD32 Antivirus provide Anti-Phishing protection that allows you to block web pages known to distribute phishing content.

We strongly recommend that you leave Anti-Phishing enabled

Did you know, even IT companies are targets for Phishing Attacks?

It may seem far fetched – but recently here at Computer Assistance we were targeted with one of the most sophistacated Phishing attempts we have seen so far. We say attempt because it obviously didn’t get through – Our eagle eyed team noticed very quickly that something was amiss, and dealt with it appropriatly. But for your benefit we have taken a screenshot of the seaming innocent and very legit looking ‘Customer’ enquiry to show you it can happen to anyone.

Opening attachment's from unknown sources

Well, this is a tricky one. You may ask yourself how did we prevent the phishing attack? It was easy really. We don’t only sell and advocate the use of an industry strength Antivirus like ESET. We use it in house.

When this email came, we first investigated the supposed business – as you should too if you get an email from an unknown source, then with the Anti Phishing Option turned on we investigated the email and the attachment further and were able to determine that the ‘PDF’ document was in fact an embedded Phishing script designed to run when the attachment was opened.

Obviously, we don’t expect you to be this vigilant with every single email that comes in. Which is why we recommend an Anti-Virus that can do the grunt work for you. With the offending email safely quarantined we took the further step of blocking all emails from the offending domain name.

What our clients say about us

We have been helping businesses with their IT needs since 1996. We are provide fast, reliable, repairs, onsite and remote IT support services.

Leave a Review