What is a Phishing Attack?
Phishing is an attack in which an adversary attempts to coerce a victim into taking an action with unforeseen consequences.
Phishing attacks are typically delivered via email, where the attacker tries to convince you to open a file containing
a computer virus, to visit a webpage that loads a malicious program, or to hand over personal information that may be used for identity theft.
Phishing is a common technique used by hackers and criminals to bypass otherwise strong defenses. These attacks take advantage
of human nature and are challenging to prevent even with the most sophisticated technology. The last line of defense is you, the user.
You need to know how to detect a phishing incident and, equally important, must know the right actions to take should you fall victim to
an attack. Here are tips to detect a phishing email:
- Don't open attachments or click links contained in emails you aren't expecting to receive.
- Urgent messages threatening action or negative consequences should raise your suspicions.
- Investigate the sender address to check validity. It is not often that someone from a major corporation contacts you from their Gmail account.
- Mouse-over links in attachments to look at the destination before clicking.
- Verify the origin of the email and its authenticity using an out-of-band mechanism (for example, a phone call to a number you already know).
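The sender-address and link-destination checks above can be automated. The following is an added example written for this article, not code from the original page; it uses a constructed sample message and flags a corporate-looking display name on a free webmail domain, urgency language in the subject, and links whose visible text names a different host than the actual target.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message for illustration; not a real phishing email.
SAMPLE_EMAIL = """\
From: "Acme Corp Payroll" <acme.payroll.team@gmail.com>
To: employee@example.com
Subject: URGENT: your account will be suspended in 24 hours
Content-Type: text/html

<p>Your payroll access expires today. Act immediately:</p>
<a href="http://acme-login.example.net/verify">https://portal.acme.example.com</a>
"""

FREE_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
URGENT_WORDS = ("urgent", "immediately", "suspended", "expires today")


class _LinkParser(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), ""

    def handle_data(self, data):
        if self._href is not None:
            self._text += data

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None


def phishing_indicators(raw):
    """Return a list of human-readable red flags found in a raw RFC 822 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []
    sender = msg["From"]
    addr = sender.addresses[0] if sender and sender.addresses else None
    if addr and addr.display_name and addr.domain.lower() in FREE_WEBMAIL:
        flags.append(f"corporate-looking sender uses free webmail: {addr.addr_spec}")
    if any(w in (msg["Subject"] or "").lower() for w in URGENT_WORDS):
        flags.append(f"urgency language in subject: {msg['Subject']}")
    body = msg.get_body(preferencelist=("html", "plain"))
    parser = _LinkParser()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        shown, real = urlparse(text).hostname, urlparse(href).hostname
        if shown and real and shown != real:  # what you see vs. where it goes
            flags.append(f"link text shows {shown} but points to {real}")
    return flags
```

Running `phishing_indicators(SAMPLE_EMAIL)` on the constructed message returns three flags; a message from the organisation's own domain with matching links returns an empty list.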
The above tips are not foolproof; however, practicing them will give you better situational awareness and make you think twice before
clicking a link or opening an attachment in the next phishing email you receive. There may be a time when you are fooled, and it is imperative that you know how to respond. At that point
you must recognize that your computer has been compromised and follow any guidance given to you by your corporation. This may mean contacting your help desk,
call center, or security team immediately. They will be best positioned to recover your systems to a secure state. Failure to report may result in
impacts for you personally or for your organization.
If you fall victim to a phishing attack at home, you will generally have fewer resources available to assist you. You should immediately unplug your computer
from the network in order to prevent further data loss. Once unplugged, restore your computer to a secure state using the original installation media
or backup restoration software. Following a full restore, update your anti-virus software and run a full system scan.