BotNet News

Your source for Online Security News

Phishing involves an attacker sending a message that looks like a trusted communication from a legitimate source. The message is designed to coax a victim into providing confidential information on a fake website or downloading malware. Attackers use phishing to obtain passwords, account credentials and even social security numbers. Often, victims don’t realize their information has been compromised until it’s too late.

Despite advances in cybersecurity technology, hackers continue to exploit human weaknesses. A low-tech phishing expedition shut down MGM Resorts (and its Las Vegas casinos) for over a week in 2023 when attackers monitored an MGM employee’s LinkedIn account to gather personal details, then impersonated him on a fake phone call to the help desk. The scammers persuaded help desk staff to reset the employee’s password, opening the door for ransomware.

The good news is that phishing attacks are relatively easy to detect. Here are some key red flags to look out for:

Unusual Sender

If the email doesn’t make sense, is unexpected or is out of character, it’s a good bet that it’s a phishing attempt. LearnBe4’s phishing awareness kit provides a great list of 22 social engineering red flags to watch out for in an email.

Companies must continually raise awareness, test users and teach them what to look out for. The best way to reduce the risk of phishing is by using an advanced email security solution that uses artificial intelligence to scan messages and identify suspicious emails, blocking them from reaching the user’s inbox. In addition, users should change passwords regularly and avoid reusing or sharing them.