• Not click on malicious links
• Never open unexpected or untrusted attachments
• Avoid revealing personal or sensitive data to phishers
• Verify software legitimacy before downloading it
• Never plug an unknown USB into their computer
• Use a VPN when connecting via untrusted or public Wi-Fi

• Scan and monitor emails. Emails are a common choice of cybercriminals executing phishing schemes, so take the time to scan and monitor emails on an ongoing basis, and consider deploying an automated email security solution to block malicious emails from ever reaching users.
• Scan and monitor file activity. It is also a good idea to scan and monitor file activity. You should be notified whenever there is a suspicious file in play—before it becomes a threat.

Social engineering techniques are designed to take advantage of human nature. This includes the fact that people are more likely to make mistakes when they are in a hurry and are inclined to follow the orders of people in positions of authority. Phishing attacks commonly use these techniques to convince their targets to ignore their potential suspicions about an email and click on a link or open an attachment. Some common phishing techniques include:

• Fake Order/Delivery: A phishing email will impersonate a trusted brand (Amazon, FedEx, etc.) stating that you have made an order or have an incoming delivery. When you click to cancel the unauthorized order or delivery, the website (which belongs to a cybercriminal) will require authentication, enabling the attacker to steal login credentials.
• Business Email Compromise (BEC): BEC scams take advantage of hierarchy and authority within a company. An attacker will impersonate the CEO or other high-level executive and order the recipient of the email to take some action, such as sending money to a certain bank account (that belongs to the scammer)
• Fake Invoice: The phisher will pretend to be a legitimate vendor requesting payment of an outstanding invoice. The end goal of this scam is to have money transferred to the attacker’s account or to deliver malware via a malicious document.

Credential theft is a common goal of cyberattacks. Many people reuse the same usernames and passwords across many different accounts, so stealing the credentials for a single account is likely to give an attacker access to a number of the user’s online accounts.

As a result, phishing attacks are designed to steal login credentials in various ways, such as:

• Phishing Sites: Attackers will create lookalike sites that require user authentication and point to these sites in their phishing emails. Beware of links that don’t go where you expect them to.
• Credential-Stealing Malware: Not all attacks against your credentials are direct. Some phishing emails carry malware, such as keyloggers or trojans, that are designed to eavesdrop when you type passwords into your computer.
• Support Scams: Cybercriminals may pose as customer support specialists from Microsoft, Apple, and similar companies and ask for your login credentials while they “help” you with your computer.

Password reset emails are designed to help when you can’t recall the password for your account. By clicking on a link, you can reset the password to that account to something new. Not knowing your password is, of course, also the problem that cybercriminals face when trying to gain access to your online accounts. By sending a fake password reset email that directs you to a lookalike phishing site, they can convince you to type in your account credentials and send those to them. If you receive an unsolicited password reset email, always visit the website directly (don’t click on embedded links) and change your password to something different on that site (and any other sites with the same password).

Phishing attacks use human nature to trick people into doing something that the attacker wants. Common techniques include creating a sense of urgency and offering the recipient of the email something that they desire, which increases the probability that the target will take action without properly validating the email.

Phishers will often take advantage of current events or impersonate trusted brands in their emails to make them more realistic. By offering information, goods, or opportunities related to a current event or creating a situation where the recipient believes that something has gone wrong (like a fake package delivery notification), these emails increase their probability of getting clicks.

Phishing techniques and the pretexts used by cybercriminals to make their attacks seem realistic change regularly. Employees should be trained on current phishing trends to increase the probability that they can identify and properly respond to phishing attacks.

Despite an organization’s best efforts, employee cybersecurity education will not provide perfect protection against phishing attacks. These attacks are growing increasingly sophisticated and can even trick cybersecurity experts in some cases. While phishing education can help to reduce the number of successful phishing attacks against the organization, some emails are likely to sneak through.

Minimizing the risk of phishing attacks to the organization requires AI-based anti-phishing software capable of identifying and blocking phishing content across all of the organization’s communication services (email, productivity applications, etc.) and platforms (employee workstations, mobile devices, etc.). This comprehensive coverage is necessary since phishing content can come over any medium, and employees may be more vulnerable to attacks when using mobile devices.

Threat intelligence provides the information required to effectively detect zero day attacks. Protecting against them requires solutions that can translate this intelligence into actions that prevent the attack from succeeding. Check Point has developed over sixty threat prevention engines that leverage ThreatCloud’s threat intelligence for zero day prevention. Some key threat prevention capabilities include: