You have a new mail! The issue seems to be serious, a security alert or a new order to be managed. The employee who receives it opens the email to know more, attached is a file to download that will specify the reasons for the communication. However, said an employee has just opened the door of a virus s who will spy the documents of the company or kidnap the equipment in exchange for a ransom.
Email is the most common tool for expanding attacks, just as it is also one of the simplest methods to make it effective. It is easier for the user to be deceived in this way than through a fraudulent web. However, it is similar from the point of view that both techniques use the mask of a trustworthy company.
Like a chameleon, the virus comes in the wrapper of being a safe and accurate message to be read. Panda Security has analyzed the e-mail issues with which cybercriminals target their victims, from the most frequent case of a security alert to a request for urgent help such as NGO messages.
Top 10 Phishing Email Issues
Twenty-one percent of e-mail in phishing practice uses ” Security Alert ” or ” Security Alert” support. This method is not this year, months ago the company Avast warned that some cybercriminals had passed through the security firm under the pretext of announcing an alert in their system to punch in a false link.
Other tricks used by the attackers are alluding to issues of holidays and illness, as if it were an internal mail, in 23% of cases, a request that the worker must manage in 20% of the chances or changes of the password in 15% of the cases.
You can also find email topics that have nothing to do with the scope of work, because 10% of the times that the place of entry of a cyber attack has been analyzed, it was an email with the subject ” latest news: a United Airlines passenger dies from the cerebral hemorrhage. ”
How can phishing be prevented?
The 91% of cyberattacks starts from a false email by which a file that contains a malware download. The first thing is to have an antivirus installed that has phishing or spam detection.
On the other hand, you should check where the email comes from. Although the name of the person who sent you the email is the same as the security provider, in many cases when you click the person’s mail will be displayed. When you view the complete address you will get to see the domain from where the email originated such as “Mrx @ abdomen. Com”. Most of the phishing emails are designed in the manner that they look like they have come from your friend, office, or bank.
Issues such as ” Urgent action ” or “Urgent action” should be examined in a suspicious way as they try to capture the attention of their victims with flashy messages. Other emails use the trick to warn that your account will be closed or is being compromised to get your data.
In addition, links included in an email domain that does not have “https” are not verified pages, and therefore no service has indicated that they are authentic and that navigation is secure.