Defending against a phishing virus.
A phishing virus typically starts with an email that seems to be from a legitimate source like a bank, a credit card company, a social website, an online payment processor or an IT administrator. The email directs the recipient to click on a link for a website that turns out to be malicious, and where the user is asked for some personal information like a passcode, credit card number, or account information. That info is then used to gain access to the user's accounts and to commit identity theft.
A spear-phishing virus is a more targeted phishing directed against a specific individual or role at the organization. This type of phishing virus attack uses social engineering techniques and information gathered about the individual to make the email more believable and increase the likelihood that the recipient will act on it.
Preventing phishing virus attacks requires sophisticated solutions that combine powerful email security technology with dynamic user awareness training. That's where Mimecast can help.
Prevent phishing virus attacks with Mimecast.
Mimecast offers industry-leading solutions for email security, archiving and continuity in a cloud-based subscription service. With Mimecast, you can easily reduce the cost, risk and complexity of managing email for business.
To combat a phishing virus, Mimecast provides best-of-breed email security solutions that deliver always-on, always up-to-date protection. Using sophisticated, multilayered detection engines and advanced threat intelligence, Mimecast protects your email and users from malware, spam, data leaks and advanced threats like a phishing virus or impersonation fraud. Mimecast also provides tools that empower end-users to recognize threats more effectively and to develop habits that help protect the organization from threats like a phishing virus.
Mimecast solutions for stopping a phishing virus.
Most Gateway solutions stop spam and malware but fail to prevent a phishing virus. Mimecast helps prevent phishing attacks and spear-phishing virus threats with a suite of services called Targeted Threat Protection. These include:
- URL Protect - this service combats a phishing virus attack by scanning all links in inbound emails and effectively sandboxing URLs on each and every click before directing users to the requested site.
- Attachment Protect – this service helps prevent cyber phishing scams by blocking users from opening suspicious attachments. Mimecast can either sandbox attachments or convert them to a safe format for immediate delivery to users.
- Impersonation Protect – this service detects phishing email scams that use social engineering techniques to commit impersonation or CEO fraud. Mimecast scans every incoming email to look for signs of impersonation fraud in the domain name, domain age, reply-to information and the body of the message.
Learn more about how to avoid a phishing mail attack with Mimecast.
FAQs: Phishing Virus
What is a phishing virus?
A phishing virus is a form of malware that is installed on a user’s computer as part of a phishing attack. Phishing is a type of cybercrime where attackers pose as a trusted or legitimate business to dupe an individual into sharing information such as bank account numbers, credit card details, login credentials and other sensitive data, and/or to download a phishing virus onto the user’s computer.
How does a phishing virus work?
Typically, attackers infect a user’s computer with a phishing virus by sending an email that looks like it comes from a person or a business the recipient knows and trusts. The email may suggest that there is a problem with or suspicious activity on the user’s account, that a password needs to be reset or an account needs to be verified, that a bill needs to be paid, or that the recipient must act quickly to prevent negative consequences or take advantage of an opportunity. The email installs a phishing virus by asking the recipient to open an attachment or to click on a link that takes them to a spoofed website, where they may also be asked to share sensitive information. Once the phishing virus is downloaded, it may install ransomware, launch attacks on other computers or give the attacker access to data within the user’s network.
How to spot a phishing virus attack?
There are a number of telltale signs that an email may be part of a phishing attack designed to obtain information or download a phishing virus. Phishing email is likely to include one or more of the following indicators:
- A request to provide sensitive information like passwords, account numbers and personally identifiable information.
- A sender’s email address that, upon inspection, doesn’t match the domain of the company that the email purports to be from.
- Bad spelling, grammar mistakes and unusual language choices.
- A threat of negative consequences, or an offer that seems too good to be true.
- An urgent, threatening or insistent tone with language designed to get the recipient to respond quickly.
- Attachments to the email that seems suspicious, such as a document that is unexpected or an invoice that seems like a mistake.
- Hyperlinks that, when inspected more closely, would direct the recipient to a website that’s different than the one listed in the text of the email.
How to block a phishing virus?
Blocking a phishing virus from infecting a user’s computer is best accomplished with a multi-layered approach to security.
- Security awareness training educates users about how to spot phishing virus emails and other threats, and what to do when they encounter one.
- Advanced email scanning and filtering technology can block users from clicking on links or opening attachments that are determined to be unsafe. This technology is also able to look for indicators within an email that may be signs of fraudulent impersonation and can block or quarantine an email for closer inspection.
- Strong anti-spam and anti-malware protection can stop many phishing virus emails at the secure email gateway.
- DNS authentication services that use SPF, DKIM and DMARC protocols are very effective at preventing certain phishing virus emails from entering an organization’s system.
How to get rid of a phishing virus?
Follow these steps if you believe you have a phishing virus on your computer.
- Disconnect the computer from the Internet and your internal network to prevent the virus from spreading.
- Contact your IT department and your supervisor immediately – they can help to limit the damage.
- Have your computer thoroughly scanned for malware and viruses.
- Change the login credentials on important accounts that the attackers may now have access to.
- Report the phishing attack to government agencies working to stop phishing virus attacks such as the Federal Trade Commission (ftc.gov/complaint), the Cybersecurity and Infrastructure Security Agency (firstname.lastname@example.org) and the Anti-Phishing Working Group (www.antiphishing.org/report-phishing).