The dangers of a phishing email attack.
A phishing email attack is a fraudulent attempt to trick an email recipient into sharing sensitive information such as login credentials, account details or personal data. The sender typically poses as a reputable business or a known person to get the recipient to click a link or open an attachment. A spear phishing email is aimed at a specific individual or organization, with the attacker posing as a trusted source, often someone inside the same company, to gain access to confidential data. In the variant known as whale phishing (or whaling), attackers impersonate a high-level executive to trick another employee into wiring money to a fraudulent account or handing over sensitive corporate or personnel data.
Despite widespread education and efforts to make users aware of the dangers of this kind of fraud, phishing email attacks are surprisingly successful. In fact, 91% of hacking attacks today start with some kind of phishing email1. The costs of a successful phishing attack can reach into the millions of dollars, due to fines and legal action as well as business disruption, damage to corporate reputation and loss of customer confidence.
Stopping a phishing email threat with Mimecast.
To mitigate the risks of a phishing email attack and strengthen spear phishing defenses, Mimecast offers Targeted Threat Protection. This cloud-based service, part of Mimecast's all-in-one subscription service for email security, archiving and continuity, extends traditional gateway security to protect against the main forms of phishing email attack.
Mimecast’s service scans email in real-time to identify suspicious messages. With Mimecast, organizations can combat threats from a phishing attack with:
- Comprehensive protection that is easy to manage and that requires no additional infrastructure or IT overhead.
- Defenses that can be implemented instantly on and off the corporate network, including mobile devices.
- Granular reporting for greater insight with real-time, end-to-end threat analysis.
How Mimecast technology prevents a phishing email attack.
Mimecast Targeted Threat Protection addresses the main types of phishing email threat with three components.
Impersonation Protect identifies whaling attacks that use social engineering to trick employees into divulging confidential data or wiring funds to a fraudulent account. Mimecast scans all inbound email in real time, looking for signs of fraud in the message headers, sender domain and content, for example a familiar display name paired with an external or lookalike sender domain.
URL Protect prevents a phishing email attack by scanning all URLs within incoming and archived emails on every click and opening websites only if they have been determined to be safe.
Attachment Protect defends against weaponized attachments by sandboxing attachments and allowing only safe documents to be sent on to the user.
FAQs: phishing email
What is a phishing email?
A phishing email is an email that pretends to be from a trusted organization and attempts to trick the recipient into divulging sensitive information like passwords, bank account numbers or credit card details. Phishing emails may also attempt to get users to click on a link that will download malware to their computer.
How do phishing emails work?
The most common type of phishing email is one that impersonates a legitimate company, re-creating the look and feel of the company’s brand in the email. The message typically has a sense of urgency – it may report that there is suspicious activity on your account, a problem with a payment, or that it’s time to change a password. The message asks you to click on a link that will take you to a fraudulent website (which looks just like a real website) where you’ll be asked to enter login information, credit card numbers, bank account information or other sensitive data. Attackers can use this data to access your accounts and to steal your identity, valuable data and money.
How to recognize a phishing email?
There are several common things to watch out for that can help you recognize a phishing email.
- Bad grammar, strange wording and poor spelling – reputable companies work very hard to avoid these mistakes.
- Your name is missing – most companies that you do business with will use your name in communications with you.
- You don’t have an account or a relationship with the company from whom the email appears to have been sent.
- Demands for urgent action and threats of negative consequences. Attackers want you to act quickly, clicking a link and providing information before you have time to think twice.
- Inconsistent email addresses, links and domain names. If you hover your cursor over a link before clicking it, you will see the real URL it leads to. If that does not match the link text or the company's domain, the message is likely fraudulent. Keep in mind that hovering is not available on most mobile clients, and that link shorteners and tracking redirects hide the final destination. Also, the domain in the sender's address may differ only slightly from the real company's domain, for example by a swapped or substituted character.
- Offers that are too good to be true. Many phishing emails will make promises about rewards, prizes or free money.
- A request for personal information. Be suspicious of any email that asks for personal information or requests that you enter your password or credit card number.
- A message from government agencies like the IRS or FBI. Most U.S. government agencies, including the IRS and FBI, do not initiate contact with individuals by email to request personal or financial information.
- Suspicious attachments. Be very careful about opening any attachment, especially one from an email that seems suspicious in any other way.
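The signals in the list above, together with the header, domain and content checks described for Impersonation Protect and the DMARC verdict mentioned under blocking, can be turned into code. The scanner below is an added example written for this page; it is not Mimecast code and makes no claim about how Targeted Threat Protection works internally. The organisation domain example.com, the executive display name "Alice CEO", the lookalike domain examp1e.com and the sample message are all constructed for the example, and the registrable-domain helper is a simplification (real code needs the public suffix list).

```python
"""Heuristic phishing-signal scanner for one RFC 5322 message.
Added example, not Mimecast code; domains, names and the message are constructed.
"""
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com"}  # assumption: the organisation's own domain
EXEC_NAMES = {"alice ceo"}         # hypothetical executive display names, lower-cased
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|suspended|verify your account)\b", re.I)
URL_LIKE = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$", re.I)

# Constructed whaling-style message: lookalike sender domain, foreign Reply-To, deceptive link.
SAMPLE_EML = """\
From: "Alice CEO" <alice@examp1e.com>
Reply-To: payments@mail-examp1e.net
To: bob@example.com
Subject: Urgent wire needed
Authentication-Results: mx.example.com; dmarc=fail header.from=examp1e.com
Content-Type: text/html; charset=utf-8

<p>Bob, please verify your account immediately.</p>
<p><a href="http://login.example.com.attacker.test/">https://login.example.com/</a></p>
"""


class _LinkParser(HTMLParser):
    # Collects (href, visible text) pairs from <a> elements.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    # Last two labels only; production code should consult the public suffix list.
    return ".".join(host.lower().strip(".").split(".")[-2:])


def levenshtein(a, b):
    """Edit distance, used to catch lookalikes such as examp1e.com for example.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def scan(raw):
    """Return (signal, detail) tuples for the raw message; an empty list means nothing flagged."""
    msg = message_from_string(raw, policy=policy.default)
    signals = []
    sender = msg["From"].addresses[0]
    from_dom = sender.domain.lower()
    # Header signals: familiar name on a foreign domain, Reply-To diversion, lookalike domain, DMARC.
    if sender.display_name.lower() in EXEC_NAMES and from_dom not in TRUSTED_DOMAINS:
        signals.append(("display-name-impersonation", f"{sender.display_name!r} sent from {from_dom}"))
    if msg["Reply-To"] is not None:
        reply_dom = msg["Reply-To"].addresses[0].domain.lower()
        if reply_dom != from_dom:
            signals.append(("reply-to-mismatch", f"From {from_dom} but Reply-To {reply_dom}"))
    for trusted in TRUSTED_DOMAINS:
        if from_dom != trusted and levenshtein(from_dom, trusted) <= 2:
            signals.append(("lookalike-domain", f"{from_dom} resembles {trusted}"))
    if re.search(r"\bdmarc=fail\b", msg.get("Authentication-Results", ""), re.I):
        signals.append(("dmarc-fail", "receiving MTA recorded a DMARC failure"))
    # Content signals: urgency wording, link text vs. real destination, trusted domain buried in a host.
    body_part = msg.get_body(preferencelist=("html", "plain"))
    body = body_part.get_content() if body_part is not None else ""
    if URGENCY.search(msg.get("Subject", "") + " " + body):
        signals.append(("urgency", "pressure to act quickly or threat of consequences"))
    parser = _LinkParser()
    parser.feed(body)
    for href, text in parser.links:
        href_host = (urlparse(href).hostname or "").lower()
        text_host = (urlparse(text if "://" in text else "http://" + text).hostname or "").lower()
        if URL_LIKE.match(text) and registrable(text_host) != registrable(href_host):
            signals.append(("link-text-mismatch", f"shows {text} but points to {href}"))
        padded = "." + href_host + "."
        for trusted in TRUSTED_DOMAINS:
            if "." + trusted + "." in padded and not padded.endswith("." + trusted + "."):
                signals.append(("embedded-trusted-domain", f"{trusted} is only a label inside {href_host}"))
    return signals
```

Calling scan(SAMPLE_EML) returns seven signals: display-name-impersonation, reply-to-mismatch, lookalike-domain, dmarc-fail, urgency, link-text-mismatch and embedded-trusted-domain. A real gateway would weight these rather than treat any one as decisive; a Reply-To on a different domain, for instance, is common in legitimate bulk mail, and a plain internal message with none of these traits produces an empty list.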
How to block phishing email?
The best way to avoid the damages from a phishing email is to use a multi-layered approach to email security.
- Educating users about how to spot a phishing email and what to do when they encounter one can help to significantly improve a company’s security posture.
- Spam filters, anti-malware programs and email authentication (SPF, DKIM and a DMARC policy that rejects or quarantines failures) can block many phishing emails, including direct spoofs of your own domain, before they reach users.
- Advanced anti-impersonation filters can help to spot the signs of social engineering techniques commonly used in sophisticated phishing, spear-phishing and whaling attacks.
- Technology that scans and validates links and attachments in real time can help to prevent users from clicking on malicious URLs or opening dangerous attachments.
- Requiring multi-factor authentication limits the damage when a password is phished, because the stolen password alone no longer unlocks the account. Prefer phishing-resistant methods such as FIDO2 security keys or passkeys: one-time codes sent by SMS or generated by an app can themselves be captured by a proxy site and replayed in real time.
Where do I report phishing emails?
When you receive a phishing email, you should report it to:
- Your company, which will help your IT team to prevent the email from reaching other employees.
- Your email provider, which can help your provider adjust spam/junk filters to stop this particular phishing email.
- The company that is impersonated or spoofed in the email.
- Government agencies and nonprofits working to prevent phishing. These include:
- The Federal Trade Commission. Forward the email to the FTC's published reporting address or report the phishing attack online at ftc.gov/complaint.
- The Cybersecurity and Infrastructure Security Agency (CISA), part of the US Department of Homeland Security. Forward the message to CISA's published phishing-report address.
- The Anti-Phishing Working Group (APWG). You can report phishing email to this international coalition working to stop phishing by visiting http://antiphishing.org/report-phishing/.