The more you know about phishing, the better you can spot phishing attacks and not become a victim.

Phishing is a form of fraud in which cybercriminals try to scam people into providing sensitive information (e.g., login credentials, account information) or performing an action (e.g., clicking a link, opening an email attachment) in order to steal money, data, or a person’s identity.  The five items below can assist in protecting you:

1.  Phishing Is Not Just About Emails

Most often, cybercriminals use emails and websites in their phishing attacks. Sometimes they even use both channels in the same scam. For example, they try to get people to click a link in an email, which sends the victims to a phishing site. Similarly, cybercriminals might try to get people to click a link in a text message, which leads to a phishing site.  Phishing calls are also becoming common and increasing rapidly.

 2.  Hackers Like To Reel In Certain Types Of Victims

While phishing attacks were initially targeted at consumers, cybercriminals quickly discovered that businesses are also lucrative targets. In 2018 alone, an estimated 83% of businesses experienced phishing attacks with small and midsize companies being most often targeted. These companies are sought out, as they often do not have the expertise or resources to properly secure their businesses against phishing scams and other types of attacks.  Cybercriminals most often target executives, administrative assistants, HR staff and sales team members.

3.  Phishing Sites Can Be HTTPS Pages

Cybercriminals are increasingly using HTTPS sites for phishing. Hackers are counting on people being lulled into a false sense of security when they see the “https” designation and the accompanying padlock icon in their web browser’s address bar. When some people see these two elements, they assume that a site is safe. However, the “https” designation simply indicates that any data sent between the browser and the website is encrypted. It does not signify that the website is legitimate or free from malware.  Experts estimate that more than half of phishing sites are HTTPS sites.  The situation is getting so serious that the FBI issued a public service announcement in 2019 warning people about this.

4.  Cybercriminals Don’t Take Holidays Off

Hackers go phishing 365 days a year and often ramp up their efforts for seasonal events and holidays.

5.  Phishers Are Skilled Impersonators

Cybercriminals often prey on people’s compassion, by pretending to be collecting donations for disaster victims or charities. They like to impersonate legitimate contacts and companies to carry out their phishing scams, masquerading as representatives from such popular companies as Microsoft, PayPal, Netflix, UPS and others. When targeting a business, cybercriminals often pretend to be someone within the company, or a client, supplier, or organization that does business with the company. 

A Serious Threat

CopperTree Solutions can help protect your business by devising a comprehensive strategy to deal with the above types of phishing attacks. We can manage all your IT needs and keep your systems current and protected. 

CopperTree Solutions serves clients both large and small, in Kitchener, Waterloo, Cambridge, Guelph, Stratford, and around South Western Ontario.

Call 519-804-2461 or Colin.Shantz@ctsol.ca