Recent attacks (like WannaCry ransomware attack Etc with malware like EternalRocks) on systems and created Huge financial loss (estimated Ransomware Impacts Revenue - by 29%) and services and health care systems damage impacted the hospital operations and created human life threatening situation. It is not more laughing matter. It is important for organizations and individual to plan better on handling Phishing.
In my case I have got mails offering to cash a bank account which belongs to someone abroad with the same family name, who has passed away and did not have anyone to claim the money.
"Dear (mail account)
I am Mr (.... ) from (bank of trade), I am the account manager of Mr (). He died last month on an accident, and hes no relatives. He had in his bank account a Billon dolars which will be transfer to non profit organization at least someone claims.
I am writing to you since you have the same family name and you are elegible to claim the account. I will asist you on the process and I will ask 20% of the money.
In order to proceed please sent us your bank account details.
Looking forward to hearing about you.
Mr account Manager
Then they have your contact information, and probably they will ask to transfer some money for expenses.
There are other mails that ask you to confirm your information. The mail is supossed to be from your bank, but the link takes you to a fake website.
Best Regards to everyone.
Wow, a billion dollars! Sounds like an offer that could be too good to miss
Thanks for sharing Claudio, sounds like the standard phishing procedure, with a few extremes thrown in!
There are multiple steps an organization or an idividual can take to protect against phishing. They must keep a pulse on the current phishing strategies and confirm their security policies and solutions can eliminate threats as they evolve. It is equally as important to make sure that their employees understand the types of attacks they may face, the risks, and how to address them. Informed employees and properly secured systems are key when protecting the organization or an idividual from phishing attacks.
these days they are trying to call and by using tricks with kids crying background noise theare trying to steal information from banks :)
another one "Convert HTML email into text only email messages or disable HTML email messages."
- Educate your employees and conduct training sessions with mock phishing scenarios.
Absolutely. I feel like this is nowhere near common enough, I would suggest that this is the single most fundamental aspect of preventing a cyber attack, both in a personal and professional sense. In today's world, identifying social engineering and phishing should be taught in schools, everybody should have at least a basic understanding of how to avoid simple mistakes that could lead to exploitation.
The phishing scam is one of the most effective scams and it targets those who are not aware of that and can easily get along to it and can not see the differences between the genuine email and fake email. I have faced the scam and because of that my system was getting hacked and it had an issue of Microsoft compatibility telemetry