Cyber Security Tips: How to Spot Phishing Attacks


Phishing attacks are becoming more prevalent here in the Philippines. SMS and email scams are sent to individuals daily to try to steal credentials from those who are not familiar with them. It has become so widespread that most Philippine banks have run campaigns to warn their customers how to spot a phishing attack. Knowledge of these kinds of attacks is the best way to prevent them. We at CT Link are committed to helping spread awareness through cyber security tips that can help you spot fishy SMS or emails.

Cyber Security Tips on How to Spot a Phishing Attack

So what are simple ways to spot a phishing attack? Using the sample email below, we can work from top to bottom.

  1. Check the email domain carefully – does it look legitimate? If you are unsure, you can easily look up the company's real domain online.
  2. Are there any attachments? – Always be wary of attachments; never open a file until you have confirmed the email is legitimate.
  3. Generic greetings and urgency – Emails from your legitimate accounts would not address you vaguely and would not push for immediate resolution of a problem.
  4. Wrong grammar or typos – Larger companies' emails are professionally written and proofread. If there are typos or bad grammar, it is most likely a phishing attack.
  5. Suspicious links – When it comes to links in an email, it is always best not to open them until you are sure, or to preview the link on a desktop if possible to see where it is going.

[Image: sample phishing email]

For more examples and explanations, read on as we go into more detail on what to look out for!

Examine the Sender’s Email Domain or Number

After reviewing the message, check the sender’s email or phone number. Legitimate companies typically use consistent and familiar domain names or phone numbers. If you notice personal numbers or typos in the email domain, or if it uses generic domains like Gmail or Yahoo, it’s likely a phishing attempt.

[Image: examples of fake sender domains]

Beware of Links and Attachments

Another red flag is the presence of attachments or links in the email or SMS. Exercise caution when dealing with email attachments, and always verify their legitimacy before opening. Be especially wary of files with unfamiliar extensions, as these are commonly associated with malware (e.g., .zip, .exe, .scr). For links, hover your cursor over them to preview their destinations. It’s best practice to ask for confirmation before clicking any link.

[Image: suspicious links and files]

Be Cautious of Urgency in Messages

If you receive emails or SMS messages claiming that something urgent has occurred with your account, such as “your password has expired,” “unusual account activity,” or “response required,” exercise caution. These messages play on your fears to prompt immediate action. Take a moment to consider their authenticity.

[Image: urgency in a phishing message]

Pay Attention to Message Content

If the email or message doesn’t address you by name or contain personal details, it’s likely fraudulent. Legitimate entities should have your information on hand. Additionally, watch for typos or grammatical errors in the message, as professionally crafted communications are carefully proofread. Scammers often rush or may not have English as their first language.

[Image: bad grammar in a phishing message]
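The checklist at the top of the article and the four sections above (sender domain, attachments, urgency, message content and link previews) can be turned into a simple screening routine. The Python below is an added example, not CT Link's code or any product's; it assumes the organisation's real domain is example-bank.com.ph and parses a constructed sample message.

```python
import email
import re
from email import policy
from urllib.parse import urlparse
# Assumed legitimate domain; the message below is a constructed sample, not a real bank or email.
TRUSTED = {"example-bank.com.ph"}
FREEMAIL = {"gmail.com", "yahoo.com"}
RISKY_EXT = (".zip", ".exe", ".scr")
URGENCY = ("password has expired", "unusual account activity", "response required")

SAMPLE = """From: Security Team <alerts@example-bank-secure.com>
Subject: Response required: unusual account activity
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

Dear Customer,<br>Your password has expired.
<a href="http://example-bank-secure.com/login">https://example-bank.com.ph/login</a>
--b1
Content-Type: application/zip; name="statement.zip"
Content-Disposition: attachment; filename="statement.zip"

UEsDBA==
--b1--
"""

def phishing_flags(raw):
    """Return which items of the checklist the message trips (empty list = none)."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []
    sender = msg["from"].addresses[0].domain.lower()
    if sender in FREEMAIL or sender not in TRUSTED:
        flags.append("sender domain is generic or not the known domain: " + sender)
    # Attachments with the extensions the article warns about.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append("risky attachment: " + name)
    # Generic greeting and urgency wording in the subject or body.
    body = msg.get_body(preferencelist=("html", "plain")).get_content()
    text = (msg["subject"] + " " + body).lower()
    if re.search(r"\bdear (customer|user|client)\b", text):
        flags.append("generic greeting")
    if any(p in text for p in URGENCY):
        flags.append("urgency wording")
    hosts = [urlparse(h).hostname or "" for h in re.findall(r'href="([^"]+)"', body)]
    if any(h not in TRUSTED for h in hosts):
        flags.append("link leads outside trusted domain: " + ", ".join(hosts))
    return flags
```

The link check compares the href target, not the text shown to the reader, which is exactly what hovering over a link reveals.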

Cyber Security Tips: What to Do If You Suspect a Phishing Attack?

As mentioned earlier, it’s wise to consult your administrator or someone well-versed in security matters. You can also fact-check online to confirm the legitimacy of emails or SMS messages. Taking a moment to verify can prevent significant harm to you and your organization.

For more information and cyber security tips about phishing attacks, please feel free to contact us at marketing@ctlink.com.ph.

Remember that staying informed about phishing attacks and their prevention is vital to your online security. Stay vigilant and share these tips with your friends and colleagues to help protect everyone from potential threats.

Quishing: New Cyber Threat on the Rise

[Image: quishing attacks in the Philippines]

Quishing may not be a term many in the Philippines are familiar with; however, it is closely related to another well-known attack that businesses should be familiar with: phishing. Phishing, as we know it, is an attack that tries to extract sensitive information from victims by masquerading as a trusted entity. The attackers direct their victims to a spoofed website that mimics the real login page and then harvest credentials or other sensitive information.

Quishing, on the other hand, is a type of phishing in which the malicious link is delivered via a quick response code, better known as a QR code.

What is Quishing?


As stated above, quishing is a type of phishing attack in which attackers, posing as legitimate, verified companies, send a QR code in place of a link. There are many reasons why quishing is a very effective strategy for attackers. Firstly, many victims of these attacks are unaware that attacks like these are happening. Many potential targets know about phishing attacks that use URLs and are already cautious of them. This is not the case for quishing, which takes advantage of users' carelessness when it comes to scanning QR codes.

Another reason this attack is effective is that using a QR code instead of a link can bypass companies' security measures. Many security solutions maintain an extensive database of malicious URLs. A QR code can bypass this check because the link is embedded in an image rather than in the message text, allowing the URL to slip through.

A big factor to consider as well is that QR codes are usually scanned with mobile devices. These endpoints are usually far less protected than company endpoints, which have many layers of protection. This makes it much easier for attackers to steal credentials or even access company resources via the compromised device.

What Can Philippine Businesses Do To Mitigate Quishing Risks?


In the Philippines, QR codes are becoming common in everyday transactions. This shows that we are progressing in customer convenience and experience. However, familiarity can also dull our sense of caution as scanning becomes ingrained in our habits. Just like phishing, the best way to mitigate the risks of quishing is through user education and awareness. Below are a few security practices businesses should impart to their employees:

Beware of QR Codes: Never scan a QR code if it comes from an unknown or untrusted source.

Verify via a Separate Channel: If you receive a QR code from a trusted source through email, take an extra step to confirm its legitimacy. Reach out to the sender through a different means like text message or a phone call to make sure they intended to send it.

Watch for Red Flags: Phishing attempts often create a sense of urgency or appeal to your emotions. Be cautious if a message makes you feel rushed or plays on your sympathies or fears.

Check QR Code Previews: Before opening a QR code link, inspect the URL it leads to. Make sure it looks legitimate, uses “HTTPS” for secure connections, doesn’t have obvious typos or strange characters, and is from a trusted domain. Avoid clicking on unfamiliar or shortened links.

Guard Your Personal Information: If a QR code directs you to a website asking for personal information, login credentials, or payment details, be extremely cautious. Legitimate sources typically don’t ask for this information through QR codes.

Password Hygiene: Always practice good password habits. Change your email password regularly, and never use the same password for multiple accounts.
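The "Check QR Code Previews" step above can be applied mechanically to the URL a QR scanner shows before you open it. This Python is an added example (not CT Link's code); it assumes the trusted domain is example-bank.com.ph and flags each red flag the checklist names: no HTTPS, a shortened link, strange characters, a typo of the trusted domain, or the trusted name buried inside another domain.

```python
import re
from urllib.parse import urlparse

# Assumed trusted domain for this organisation (a constructed example, not a real bank).
TRUSTED = ("example-bank.com.ph",)
# Well-known URL shorteners: a shortened link hides its real destination from a preview.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typos of the trusted domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def qr_url_flags(url):
    """Return the red flags from the checklist that a decoded QR URL trips (empty = none)."""
    flags = []
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        flags.append("not HTTPS")
    if host in SHORTENERS:
        flags.append("shortened link hides the destination")
    # Punycode (xn--) or non-ASCII characters can make a lookalike domain read like the real one.
    if "xn--" in host or not re.fullmatch(r"[a-z0-9.-]+", host):
        flags.append("strange characters in domain")
    if not any(host == t or host.endswith("." + t) for t in TRUSTED):
        for t in TRUSTED:
            if t.split(".")[0] in host:
                flags.append("trusted name used inside another domain: " + host)
            elif edit_distance(host, t) <= 2:
                flags.append("possible typo of " + t + ": " + host)
            else:
                flags.append("untrusted domain: " + host)
    return flags
```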

Philippine Business Security Best Practices


In addition to educating users, organizations should consider implementing these security measures to defend against various types of phishing attacks and minimize the impact if one occurs:

Allowlisting and Blocklisting: Maintain lists of trusted and untrusted sources to control access to specific websites and content.

Antispam Filters: Employ filters that help identify and block phishing emails before they reach users’ inboxes.

Strong Email Security Policies: Establish and enforce policies that govern email usage and security practices within your organization.

Strong Password Policies: Ensure that employees use strong, unique passwords and consider implementing password management solutions.

Multifactor Authentication: Require users to provide multiple forms of verification (like a password and a unique code sent to their phone) when accessing sensitive information.

Antimalware Software: Install and regularly update antivirus and antimalware software to detect and mitigate threats.

Email Security Gateways: Utilize email security gateways to filter out malicious content and attachments from incoming emails.

Threat Intelligence Services: Stay informed about the latest threats by subscribing to threat intelligence services, which provide insights into emerging risks and vulnerabilities.

To learn more about how to better secure your business against Quishing and other modern Phishing attack strategies, contact us at marketing@ctlink.com.ph today!

Phishing Evolving: Learning About Modern Evasion Methods


Email has been a staple of communication ever since it was introduced. Businesses are constantly trying to keep their email security updated to avoid attacks and data leaks. However, attacks like phishing are constantly evolving to evade email security technology. From attacks that try to fool users into clicking links to emails that exploit vulnerabilities, attackers are mixing and combining techniques to improve their chances of getting into your network. This is why it is important not only to update your security, but also to educate your users.

Below are a few of the methods currently being used in the wild that you and your users should be aware of:

Favicon Evasion

The first phishing evasion method concerns the browser tab icon, called the favicon. If you look carefully at some pages that ask you to log in to your account, there are inconsistencies. The left and right images are similar but have notable differences. This is done deliberately to evade detection by email security: the favicon on the left has different color patterns from the actual Microsoft logo.

[Image: favicon comparison]

Logo Evasion

They also apply small differences to the logos used on the login page. The left image uses a similar font and is in bold. This causes errors in template matching and increases the chance of being missed by phishing detection engines, similar to the favicon evasion method.

[Image: logo comparison]

Form Evasion

When looking inside the sign-in page (the HTML code), we might see some things that look suspicious. Some detection engines look for <form> elements, so attackers use <div> tags instead, styled to look exactly the same.

[Image: form evasion using div tags]

Suspicious Text in Images

Some detection engines scan for fields that ask for a user's password, such as the text “enter password”, and then investigate whether the site is legitimate. To bypass this, attackers replace the text with an image of the words “enter password”.

[Image: suspicious text rendered as an image]

Input Field in Disguise

Another technique phishing detection engines may use is scanning the HTML for input fields, since these indicate a possible credential-theft attempt. In this attack, attackers hide the input field by creating an empty div with a background image showing the word “password”. This is another way attackers evade detection by email security solutions.

[Image: disguised input field]
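The three HTML-level evasions above (div-based forms, password text rendered as an image, and an empty div with a background image) can be screened for with a small parser on the defensive side. The scanner below is an added example, not code from CT Link or any email security product; the two pages it scans are constructed samples.

```python
import re
from html.parser import HTMLParser

class EvasionScanner(HTMLParser):
    """Flags the HTML tricks described above when screening a suspect login page."""
    def __init__(self):
        super().__init__()
        self.flags, self.form_depth, self.stack = [], 0, []
    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").lower() for k, v in attrs}
        if tag == "form":
            self.form_depth += 1
        if tag == "input" and self.form_depth == 0:
            self.flags.append("input field outside any <form>")
        if tag == "img" and "password" in a.get("src", "") + a.get("alt", ""):
            self.flags.append("image stands in for password text")
        has_bg = bool(re.search(r"background(-image)?\s*:[^;]*url\(", a.get("style", "")))
        self.stack.append([tag, has_bg, False])  # tag, has background image, has text
    def handle_data(self, data):
        if data.strip():
            for entry in self.stack:  # visible text belongs to every open element
                entry[2] = True
    def handle_endtag(self, tag):
        if tag == "form":
            self.form_depth -= 1
        while self.stack:  # also pops void elements left open (img, input) up to this tag
            t, has_bg, has_text = self.stack.pop()
            if has_bg and not has_text:
                self.flags.append(f"empty <{t}> drawn with a background image")
            if t == tag:
                break

# Constructed samples: a page using the evasions above, and an ordinary login form.
SUSPECT = """<html><body><div class="signin">
<img src="logo.png" alt="Sign in to your account">
<img src="enter-password.png" alt="">
<div style="background-image:url(password-label.png);height:20px"></div>
<input type="text" name="user"><input type="password" name="pass">
<button onclick="go()">Sign in</button></div></body></html>"""
NORMAL = """<html><body><form action="/login" method="post">
<label>Password</label><input type="password" name="pass"><button>Sign in</button>
</form></body></html>"""

def scan(page):
    """Return the list of evasion indicators found in an HTML page."""
    scanner = EvasionScanner()
    scanner.feed(page)
    scanner.close()
    return scanner.flags
```

Favicon and logo tampering are image-similarity problems and are not covered by this text-only scan.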

To learn more about email security methods, or if you would like to better educate your users, you can consult with us by sending an email to marketing@www.ctlink.com.ph!