
Phishing: Don't Take the Bait

Written by: Cameron G. Shilling

Published in Business NH Magazine (September 2019)

Phishing is the most prevalent cyber-attack. Why? Simply put, it works really well. While it is important that individuals learn how to avoid taking the bait, businesses also must implement technological safeguards against phishing.

There are many phishing scams, but the most prevalent involve casting the same email to numerous individuals. "Phishermen" lure recipients into clicking a link in the email or double clicking an attachment by masquerading as legitimate business actors communicating in an expected manner. This type of phishing is appetizing because it appeals to people's inherent curiosity, desire to quickly resolve a problem and lack of time to pay sufficient attention to all the email one receives on a daily basis.

When someone bites, the phisherman uses the link or attachment to download ransomware or malware to the individual's device as well as other devices and networks connected to it. Ransomware encrypts data on those devices and networks, disabling the company's ability to conduct business, and the attacker demands a ransom payment to decrypt the data and resume operations.

Malware usually permits the phisherman to covertly access the compromised devices, computers and networks to steal information or funds. This type of phish also can trick recipients into providing information, such as credentials to access an email or financial account, facilitating theft of information or funds.

Spear-Phishing

A different type of phishing sets the hook into particular individuals at a business, such as an executive officer, controller, employee in finance or accounting, IT employee, HR professional, or other manager responsible for decision making. Due to its pointed nature, this type of attack is called spear-phishing.

Spear-phishermen usually already have access to a business manager's email or the company's network through ordinary phishing, which lets them monitor communications and select an instant to strike when the business is most exposed.

For example, spear-phishermen wait for the moment funds are about to be transferred for a large transaction, then take control of an executive's email and send instructions directing payment of the funds to the phisherman's account. Another example is a spear-phisherman who knows when a CFO is meeting with the company's accountants to complete tax returns, then takes control of the CFO's email and instructs a staff accountant to send copies of W-2s for all employees. Still other spear-phishing involves spoofing or hiding a sender's real email address and making it appear as if the email originated from another person's account (such as a colleague or vendor) to lure a recipient into transferring information or funds to the spoofer.

Individuals need to develop instincts and defenses for phishing. For example, if an employee receives an email with a link or attachment from a person unknown to them or from a person they did not expect to receive an email from, the employee should call the person to determine if he or she actually sent the email. Likewise, if an employee receives an email from a colleague or a vendor directing them to send sensitive information or funds, he or she should call to verify the need for the information.

Safeguards

Educating employees to recognize and avoid phishing is imperative. However, no matter how much training, testing, and re-training a business provides, its employees will remain fallible. Other technological safeguards, including the following, are vital to protect against phishing.

Sandboxing: Businesses should add an application to their email systems that tags all emails containing a link or attachment. If an employee clicks on the link or attachment, the application launches it in a safe digital environment, called a sandbox, preventing any malicious application from infecting the employee's device or any others connected to it.

Spoofing Recognition: Businesses should incorporate an application into their email systems that recognizes emails originating outside the business' email domain and they should add a header to those emails alerting employee-recipients to that fact. The application also would recognize whenever the sender's email address differs from the one displayed to the employee-recipient. It then quarantines the email for further review.

Active Threat Prevention: There are applications that use advanced technology to detect certain activity that is unusual or threatening, disable the activity before it can cause further harm and sequester or, in some instances, reverse the damage.

Dual Authorization: Businesses should develop formal processes and implement technological safeguards that require dual authorization for certain financial transactions and transfers of large amounts of sensitive information.
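The checks described under Spoofing Recognition can be sketched in a few lines of Python. This is an added example, not code from the article or from any product it refers to; the internal domain `example.com`, the `X-External-Sender` header, the `[EXTERNAL]` subject prefix and the sample messages are all assumptions made for illustration, and a production mail gateway would also evaluate SPF, DKIM and DMARC results rather than headers alone.

```python
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"  # assumption: the business's own mail domain
ADDR_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def screen(raw):
    """Return (action, reasons, message) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    shown_name, from_addr = parseaddr(msg.get("From", ""))
    _, envelope = parseaddr(msg.get("Return-Path", ""))
    reasons = []
    # 1. The display name shows an address that is not the real From address.
    embedded = ADDR_RE.search(shown_name)
    if embedded and embedded.group(0).lower() != from_addr.lower():
        reasons.append("display-name address differs from From address")
    # 2. The envelope sender's domain differs from the From domain the
    #    recipient sees.
    if envelope and _domain(envelope) != _domain(from_addr):
        reasons.append("Return-Path domain differs from From domain")
    # 3. Mail from outside the business's domain gets a visible marker.
    external = _domain(from_addr) != INTERNAL_DOMAIN
    if external:
        msg["X-External-Sender"] = "yes"
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = "[EXTERNAL] " + subject
    action = "quarantine" if reasons else ("tag" if external else "deliver")
    return action, reasons, msg

# Constructed sample messages (not real traffic).
INTERNAL = ("From: Pat Lee <pat@example.com>\nReturn-Path: <pat@example.com>\n"
            "Subject: Lunch\n\nSee you at noon.\n")
VENDOR = ("From: Billing <billing@vendor.test>\n"
          "Return-Path: <billing@vendor.test>\nSubject: Invoice\n\nAttached.\n")
SPOOFED = ('From: "pat@example.com" <pat@mail-relay.test>\n'
           "Return-Path: <bounce@mail-relay.test>\n"
           "Subject: Wire today\n\nPlease send the funds.\n")

if __name__ == "__main__":
    for name, raw in (("internal", INTERNAL), ("vendor", VENDOR),
                      ("spoofed", SPOOFED)):
        action, reasons, _ = screen(raw)
        print(name, action, reasons)
```

Comparing the Return-Path domain with the From domain will also flag legitimate bulk-mail services that use their own bounce address, so quarantined mail needs the further review the article describes.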

Phishermen undoubtedly will continue to develop increasingly sophisticated tactics to net a catch, and phishing is only one of many cyber risks to businesses. The best defense for businesses is to conduct a comprehensive risk assessment with an information security attorney and IT consultant and remedy the company's vulnerabilities, including implementing phishing prevention techniques.

Cameron G. Shilling is a director at McLane Middleton, P.A. in Manchester. For more information, visit mclane.com, call 603-628-1351 or email at [email protected].
