Phishing attacks against companies increased by 350%
To ensure the security of your company, AnubisNetworks has created a tool to assess possible security breaches on your domain.
Have a quick assessment of your company Domain:
What is Phishing?
Phishing is a type of crime that employs social engineering and internet technologies in order to commit fraud or theft.
Through deceptive and misleading speech, attackers target unsuspecting victims, deceiving them into believing they are dealing with a trusted and legitimate person or entity.
By corrupting technologies, attackers disguise their identity to appear legitimate. For example, using fake email addresses or websites. The execution of the attack can be given by the injection of malware in the victim(s) systems.
A phishing attack is aimed at stealing consumers' personal identity and financial account credentials. Phishing is also an effective technique for corporate espionage or data theft. Some attackers go so far as to create fake profiles on social media and invest time in building a relationship with potential victims and only activate the attack after establishing trust with the victim.
Want to train your employees against Phishing?
Check out our Systems Explore Service
The Parts of a Phishing Attack
Phishing by email
By far the most common method. Emails often contain attachments that contain malware and/or links that lead to malicious websites. Other types of social engineering for phishing can include phone calls, SMS, and social media conversations.
Phishing websites
Phishing sites are fake copies of real known and trusted sites, with the aim of tricking victims into entering their data (e.g., credit card).
Malware, Malware websites and Malware links
The intent of a phishing attack can culminate in getting the victim infected by malware, which is triggered through malicious files, links and websites that automatically install malware.
Spoofing
By accessing compromised accounts (e.g., email or social media), attackers are able to establish trusted communications with victims.
Don't know an IP sending you emails?
Phishing Types
Employee awareness is paramount!
Check out what Systems Explore can do for you
Spear phishing
Spear phishing occurs when phishers customize their attacks to target specific individuals (instead of launching large-scale attacks). Typically using information from social networks, attackers customize their attacks. If these attacks target very important people (for example, a company’s chief financial officer), you can use the designation of Whaling.
Business Email Compromise (BEC)
Also known as CEO Fraud, attackers pretend to be the CEO of a company or another executive in order to get other employees to facilitate access to information, or to make fraudulent payments.
Pharming, Link Manipulation, and Cross-Site Scripting
Technological tricks are used that totally or partially replace the need for social engineering. For example, DNS cache poisoning is a pharming technique that automatically redirects users from a legitimate website to the attacker's spoofed version.
