• Blog

Phishing attacks

What are Phishing attacks?  
Cybercrime is ever-present in businesses and hackers are taking advantage of unknowing employees that are not wary of the risks of cyberattacks. Hybrid and home-working has also thrown another spanner into the mix and can expose businesses to Phishing attacks. 

Phishing is a common ploy for hackers, whereby messages are created to capture an employee or an organisation’s sensitive data. If your employees unintentionally fall victim to phishing scams it can exploit the organisation’s network through malware and viruses over internet connections. 

Just one phishing email can cause downtime for the entire organisation and small businesses are at the most risk if this happens because of the expensive repercussions. Phishing scams are becoming more sophisticated, and as a consequence becoming more difficult to detect. Ideally, as an organisation, you need to educate and prepare your team for phishing attacks and how they can spot them before an issue occurs. 

Types of Phishing attacks

1. Mass campaigns  

This is typically a campaign that’s objective is to gain credit card details and other personal credentials. They usually appear as a legitimate sender, but look out for misspellings, wrong domain, odd-looking logos, and emails with little text and an image. 

2. Spear Phishing 

This targets a specific organisation or person with tailored phishing emails. Look out for internal requests from other departments, and links to documents on shared drives like Google Drive, SharePoint Office 365 and Dropbox. Any documents that require you to enter a user login and any link that attaches an external website address to the email may not be safe. 

3. Whaling 

This attack is similar to spear-phishing in targeting certain individuals, specifically high profile targets, e.g. This attack is similar to spear-phishing in targeting certain individuals, specifically high-profile targets, e.g. senior executives. 

4. Clone Phishing 

The attacker duplicates a legitimate email and attaches a link that redirects to a malicious/fake website. 

5. Pretexting    

Pretexting is typically a pre-emption to a malicious email, e.g. through a voicemail or text. This initial communication sets an expectation that a legitimate link on an email will be sent through. 

For further advice and guide care on securing your network and preventing data breaches please get in touch with the team today: 
T: 0207 101 0096
E: contact@itdsmanaged.com 
W: https://www.itdsmanaged.com/ 


Posted by ITDS

Share on Social Media

Contact us today to discuss your requirements.


Get A Quote