What is Phishing? Phishing Attacks Explained.

By Evan Lipford

What is Phishing?

Phishing is one of the most dangerous cyber threats to businesses of any size, and hackers are getting better at launching phishing attacks as time goes on. Phishing is a hacking technique that is designed to target businesses in their most vulnerable spot (human emotion), all while avoiding anti-virus and end-point detection software along the way. When a hacker embarks on a phishing campaign, their goal is not to quietly steal sensitive data like most other hacking techniques.

Instead, they use social engineering to heighten a target's emotional state in the hope that the target will provide the sensitive information voluntarily.

Phishing Explained.

When business owners and internet users first hear about phishing, it often comes off as unrealistic. After all, who would willingly hand over sensitive information like usernames, passwords, banking information, or private documents to a hacker? Hackers are supposed to be uber intelligent cyber criminals that steal data by writing code and breaking into software, right? Well, let’s take a look.

The team here at Jenta Tech flagged a phishing attack that specifically targeted our company, and we thought it was a great opportunity to go over phishing in detail to show what an attack looks like, how to spot one, and how to verify the authenticity of content. You can find this information in detail in the video below, but first, let’s give a quick overview of how a phishing attack works.

Phishing starts with cyber criminals identifying a target, and then using OSINT techniques (open-source intelligence) to gather as much relevant information as possible on said target. When the information is acquired, hackers construct a social engineering campaign to attempt to manipulate the target into sharing sensitive information with them, thus completing the hack. What the hackers do with the information will depend on what the data was used for. Some may access bank accounts and drain money, others may use the information to plant ransomware on a network for more money overall, or some hackers will gain entry into a system for further evaluation.

Let’s take a look at the four common steps featured in every phishing attack, and then we will use the attack that was launched on us as an example of what these techniques look like in real time.

Here are the four common steps that take place to launch a phishing attack:

  1. Identify a target and collect information using OSINT techniques.
  2. Design an email template and/or website that matches the company that the hackers are pretending to be. This is usually a big but relevant corporation like Facebook, Chase Bank, etc.
  3. Create a social engineering campaign that is designed to play on emotions such as fear, hope, confusion, excitement, greed, or any other emotion that can cause a person to make a rash decision.
  4. Create a list of individuals within the target company that are likely to be impacted by the social engineering campaign and deploy the attack.

A Real Phishing Attack.

Now that we have discussed the basics of a phishing attack, let’s break down the attack that was aimed towards the team here at Jenta Tech. Although we cannot verify why we were targeted, we can evaluate some of the OSINT information that was used to build the social engineering campaign against us.

After lining us up as a target, the first thing the hackers did was use a feature in Facebook that lets users verify if businesses are running ads. This feature is called “Page Transparency” and it allowed the hackers to verify our advertising methods for use in a later step:

[Image: Jenta Tech Facebook ads screenshot]

Now that the hackers have verified that we run Facebook ads, they begin their journey of incorporating their fictitious link into a legitimate platform to attempt to garner our trust. Previously, hackers would include a slightly edited URL within an email in hopes that you would click on it. This particular phishing attack has evolved, and hackers now build a real Facebook page to use to create a post that holds the nefarious link. Here is the Facebook profile and the subsequent post they used to hide the link to their phishing website:

[Image: Jenta Tech phishing Facebook profile example]

At this point the hackers have identified us, performed their OSINT research, created the honeypot, and now it is time for them to target us through email. Our email security did pick this particular phishing attempt up and flag it, but we let it through for the purpose of this blog. In the email the hackers pose as Facebook and tell us that our ads are violating terms and conditions. They offer a way to file an appeal with a REAL Facebook link that links to the Facebook account that they created, which is shown in the photo above. In an attempt to drum up fear and urgency, the email says that our ad platform will be deleted if we fail to file an appeal within the next 24 hours. Here is a shot of the email:

As you can see, the hackers attempt to create a mix of confusion and fear while simultaneously offering a solution that can only be taken advantage of with urgency. The hope here is that our management team and/or ownership will panic and fill out the fake form, which is hidden behind a fake Facebook page that requires us to log in first, thus handing them the username and password to the admin of our Facebook business page. This is an elegant, albeit evil, attempt at social engineering our team into handing over sensitive data.
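Because the email described above links to a real Facebook URL, checking the link's domain alone would not flag it. The following Python triage function is an added example, not Jenta Tech's tooling or code from the original post: it flags a message on the signals the post describes (a sender that claims a brand it does not mail from, a link to that brand's real platform, and deadline pressure). The sample message, the `.example` domains and the sender allowlist are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allowlist of domains the impersonated brand really mails from; tune per brand.
BRAND_SENDER_DOMAINS = {"facebook": {"facebook.com", "facebookmail.com", "meta.com"}}
# Pressure phrases of the kind the post describes (violation, appeal, deadline).
URGENCY = re.compile(r"within (the next )?\d+ hours|will be (deleted|disabled)|violat|appeal", re.I)
URL = re.compile(r"https?://[^\s<>]+")

# Constructed sample message modelled on the post's description (not the real email).
SAMPLE = """From: "Facebook Ads Team" <support@ads-review.example>
To: owner@business.example
Subject: Your ads are violating our terms

Your ad account will be deleted if you do not file an appeal within the next 24 hours.
File your appeal here: https://www.facebook.com/constructed-page/posts/1
"""

def domain_matches(host, allowed):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

def triage(raw_email):
    """Return a list of findings for one plain-text RFC 5322 message."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    body = msg.get_payload()
    findings = []
    for brand, allowed in BRAND_SENDER_DOMAINS.items():
        claims_brand = brand in display.lower() or brand in msg.get("Subject", "").lower()
        if claims_brand and not domain_matches(sender_domain, allowed):
            findings.append("brand-sender-mismatch")
            # A link on the brand's real domain does not vouch for the sender:
            # anyone can create a page or post on the platform.
            hosts = [urlparse(u).hostname or "" for u in URL.findall(body)]
            if any(domain_matches(h, allowed) for h in hosts):
                findings.append("trusted-platform-link-from-untrusted-sender")
    hits = {m.group(0).lower() for m in URGENCY.finditer(body)}
    if len(hits) >= 2:  # one phrase alone is common in legitimate mail
        findings.append("urgency-language")
    return findings
```

Calling `triage(SAMPLE)` returns all three findings, while a notification sent from an allowlisted domain with no pressure language returns an empty list.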

In the video below, we break down this phishing attack and go into more detail on how to spot them without the use of email protection software and other tools. We also show you how to utilize a free piece of software to analyze a link before clicking on it. If you want help protecting your business, the team here at Jenta Tech is a local leader in Managed IT Services in Colorado Springs and the surrounding areas. Enjoy the video, and please do not hesitate to reach out to us with any questions!

Full Video Breakout.
