Shark Blog

The Art of Phishing: How Cyber “Sharks” Hook, Line and Sink Their Victims

Unsuspecting users around the globe are becoming easy prey to increasing cyber security threats. A task as simple as checking your email inbox is no longer the innocent act it once was. In light of Shark Week, VPLS wants to remind you of the danger lurking in the sea of data that is phishing. Here is an excerpt to help you identify and protect yourselves from becoming cyber shark prey.

The Art of Cyber “Shark” Phishing

There is nothing quite like fishing: an open ocean, a fishing rod, and patiently waiting for your catch to take the bait. And there’s no greater feeling than discovering you’ve caught something worthwhile.

The art of email phishing is no different. However, in this scenario, the ocean is made up of thousands of email accounts with cyber “sharks” always lurking ready to attack.

On a daily basis, employees sit down at their desk with a hot cup of coffee and begin sorting through dozens of emails. Suddenly, an employee notices an important message from Human Resources (HR). The message directs the employee to a link and asks that the user update their current personal information. Without a second thought, the employee completes the task and discovers that all linked work accounts have been infected with malware. One by one, work files are disappearing, as the culprit basks in their latest catch.

It Looks Like a Fish! Swims Like a Fish! But… is it a Phish?

Phishing emails usually hide behind familiar and reputable company brands, which explains why many of us fall prey to this tactic and relinquish personal information.

By understanding the victim’s trends and habits, scammers can obtain personal information by impersonating corresponding banks or organizations, claiming to verify customer records due to a technical error. This type of phishing, known as Whaling and Spear Phishing, specifically targets large businesses and organizations due to the large number of customers available.

Cybercriminals can also use the pharming technique, where they lure their victims with a promise of a prize, if they fill out a survey form with necessary information. Another way this tactic is put into practice is when the scammer leads their victims to a phony version of a legitimate website, that a user is trying to visit by infecting their computer with malware. The malware then redirects the user to the fake website even when the correct address is inputted.


Phishing 101: How-To Recognize a Scam

Real company emails never request sensitive and personal information.

Beware of emails with links or attachments that ask for passwords, credit card information, credit scores or other personal information.

Real company emails address you by your full name

Phishing emails typically use generic greetings like, “Dear Customer,” “Dear Account Holder,” or “Dear Valued Member.”

Real company emails have proper domain names.

Check the sender’s email address to ensure legitimacy. Emails with alterations to the domain address, such as additional letters or numbers, are typical signs of fraudulent accounts.

Real company emails don’t have poor grammar.

Bad grammar in an email is a sure sign that you are dealing with a scammer, as most company emails are heavily scrutinized and edited before release.

Real company emails don’t force you onto their website.

Some phishing emails are coded in a way that forces a browser to open and automatically opens a specific website.

Real company emails don’t include unsolicited attachments.

Unsolicited emails containing attachments are typically sent by hackers as a way of downloading malware onto your computer.


Stay Vigilant

Learning and knowing more about email phishing can make all the difference when trying to distinguish what is phish bait and what isn’t. Lucky for you, VPLS, offers KnowBe4 Security Awareness Training Services to train your employees to efficiently identify a red flag in real life situations to prevent potential cyber “shark” attacks.

So, the next time you are faced with a questionable message in your inbox, remember these guidelines and you may avoid becoming a victim of someone else’s phishing game.

[av_hr class=’default’ height=’50’ shadow=’no-shadow’ position=’center’ custom_border=’av-border-thin’ custom_width=’50px’ custom_border_color=” custom_margin_top=’30px’ custom_margin_bottom=’30px’ icon_select=’yes’ custom_icon_color=” icon=’ue808′ font=’entypo-fontello’ custom_class=” admin_preview_bg=” av_uid=’av-m7niqe’]

Follow, Like & Share!

Don’t forget! VPLS offers Knowbe4 services that will help train your team to identify, flag, and prevent phishing emails from entering your organization. If you want to keep up with the latest security trends and other IT related products and services, please visit our blog and stay current with the latest news!

Scroll to Top