Do you know how to recognize a phishing cyber attack?

30.11.2022. | Blog

According to some reports, compared to 2021, the number of phishing attacks has increased by 61%. Millions of phishing e-mails are sent daily, and a large part passes through spam filters and employees within organizations are exposed to the risks of becoming victims of cyber-attacks.

Do employees know how to recognize risky emails, and how can organizations help raise awareness of cyber security? We spoke with Camill Cebulla, European Sales Director at Group-IB – Global Threat Hunting and Intelligence Company.

Talking about cyber security is never too much, given that hacker attacks are more sophisticated and baits, especially when it comes to fishing, are getting smarter. Are we careful enough?

Camill Cebulla: Many employees are not well educated about the risk of phishing e-mails. Sometimes we even see how employees forward phishing emails to their colleagues because the malicious attachments are empty and they hope that their colleagues can open it. Therefore, it’s highly recommended to educate employees on the risk of phishing, how to identify phishing and what to do with it. Also, a mail protection solution can help to prevent most cases.

The channel for phishing activities is also the SMS message, and this kind of cyber attack is called smishing. Although they can appear on any messaging platform from WhatsApp to Instagram. How does smishing work? Can you explain the steps?

Camill Cebulla: Smishing has the same goal as mail phishing, it leverages messenger services, e.g. SMS, whatsapp, telegram. The message usually contains a link and a call for action, most of the time it’s about infecting the user’s device with malware. The success rate of smishing is below mail phishing, hence the threat actors send millions of SMS to phish a small number of victims.

Can you tell us something about real-life smishing attacks, and what will be your tips?

Camill Cebulla: Real-life smishing is usually impersonating banks or very specific services like delivery or post services. Brands everyone knows and feels comfortable with. In regards to banks, the SMS is usually providing a link where for a dubious reason you should fill in your banking data. Sometimes, it will prompt you to download an app or fill in an OTP code. So the main goal is credential phishing or sometimes malware distribution. In terms of services, it’s malware distribution most of the time. My tip? If you don’t expect an SMS, it’s rarely legitimate. If it asks you to download something or fill in data, it’s even worse.

What preventive steps should be taken by users when we talk about smishing cyber attacks in general?

Camill Cebulla: Be cautious, treat every SMS you don’t expect with suspicion. Almost no company will ask you via SMS to reset passwords, verify your data or download anything.