Cos'e' il phishing - Cover

Estimated reading time: 7 minutes

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers . Occurs when an attacker, disguised as a trusted entity , tricks a victim into opening an email, instant message, or text message.

The recipient is then tricked into clicking on a malicious link, which can lead to malware installation , system freezing as part of an attack ransomware or the disclosure of sensitive information.

An attack can have devastating results . For individuals, this includes unauthorized purchases, fund theft or identity theft.

What is phishing - Concept

What is Phishing for Business?

Even more damaging, phishing is also used to gain an entry point into corporate or government networks as part of a larger attack , such as a persistent advanced threat event (APT – Advanced Persistent Threat). In the latter scenario, employees are compromised in order to bypass security perimeters , distribute malware within a closed environment, or gain privileged access to protected data.

An organization that succumbs to such an attack typically suffers severe financial losses, as well as a decline in market share, reputation and consumer confidence. Depending on the scope, a phishing attempt could escalate into a security incident that a company will have difficulty recovering from .

What a phishing attack looks like

Knowing what phishing is often isn’t enough to protect yourself . The best thing to do is work on resilience to attacks and understand how to spot them before falling victim to them.

As we mentioned earlier, the consequences can be enormous. But, if it seems simple to do when it comes to a single individual, what if there is an entire company to protect? SOD offers a service geared towards just that : train entire companies to recognize and mitigate the risk of phishing attacks.

Through a first controlled attack, we are able to understand which are the points to work on . Subsequently, training proposals for employees are organized. They are taught how to recognize threats before they become problematic. To find out more, visit the service page .

But let’s see what a generic attack looks like.

Attack example

1. A bogus email ostensibly from myuniversita.edu is being distributed en masse to as many faculty members as possible.

2. The email claims that the user’s password is about to expire . Instructions are given to go to the myuniversita.edu/rinnovo link to renew their password within 24 hours.

Various things can happen by clicking on the proposed link.

The user is redirected to myuniversita.edurinnovo.com , a fake page that looks exactly like the real renewal page, where both the new password are requested than the existing one. The attacker, monitoring the page, hijacks the original password to – gain access to secure areas of the university network.

– The user is sent to the real password renewal page. However, while being redirected, a malicious script runs in the background to hijack the user’s session cookie. This results in a Cross Site Scripting attack, giving the author privileged access to the university network.

What is phishing - Concept

Logic of an attack

Email phishing is a big game . An attacker who sends thousands of fraudulent messages can obtain significant information and sums of money, even if only a small percentage of recipients fall into the scam .

Hackers go to great lengths to design messages for a phishing attack by mimicking real emails from a disguised organization. Using the same phrasing, the same typefaces, the same logos and the same signatures, the messages appear legitimate .

Also, another thing to watch out for is that attackers usually try to push users into action by creating a sense of urgency. For example, as shown above, an email could threaten account expiration and put the recipient in urgency . Applying this pressure leads the user to be less diligent and more prone to error.

Finally, the links within the messages resemble their legitimate counterparts, but typically have a misspelled domain name or extra subdomains. In the above example, the URL myuniverist.edu/rinnovo has been changed to myuniversita.edurinnovo.com . The similarities between the two addresses give the impression of a secure connection , making the recipient less aware that an attack is in progress.

What is spear phishing

What is phishing - Spear phishing

Spear phishing targets a specific person or company , as opposed to casual users. It’s a more in-depth version of phishing that requires special knowledge of an organization, including its power structure.

An attack could take place like this:

– A hacker searches for employee names within an organization’s marketing department and gains access to the latest project invoices.
Posing as the director of marketing , The attacker sends an email to a project manager in the department using a subject that says: Updated invoice for Q3 campaigns . The included text, style, and logo duplicate the organization’s standard email template.
– A link in the email redirects to a password-protected internal document, which is actually a forged version of a stolen invoice .
– The marketing director is required to login to view the document. The attacker steals his credentials , gaining full access to sensitive areas within the organization’s network.

By providing the attacker with valid login credentials, spear phishing is an effective way to carry out the first phase of a ransomware attack.

What is whale phishing

whale phishing , or whaling , is a form of spear phishing that targets very big fish: CEOs or other high-value targets . Many of these scams target members of a company’s board of directors, who are considered particularly vulnerable. Indeed, they have great authority within the company, but because they are not full-time employees, they often use personal email addresses for business-related correspondence , which does not have the protections offered by email business.

whale phishing , or whaling , is a form of spear phishing that targets very big fish: CEOs or other high-value targets . Many of these scams target members of a company’s board of directors, who are considered particularly vulnerable. Indeed, they have great authority within the company, but because they are not full-time employees, they often use personal email addresses for business-related correspondence , which does not have the protections offered by email business.

How to defend yourself

Protecting against a phishing attack requires action by both users and businesses.

For users, vigilance is the key . A forged message often contains subtle errors that expose its true nature. These can include misspellings or changes to domain names , as seen in the example of the preceding URL. Users should be wondering why they are receiving a certain email .

What is phishing - Defense

For businesses, a number of measures can be taken to mitigate both phishing and spear phishing attacks:

Two-factor authentication (2FA) is the most effective method of thwarting phishing attacks, as adds an extra layer of verification when accessing sensitive applications . 2FA is based on users having two things: something they know , like a password and username, and something they have with them , like their smartphone . Even when employees are compromised, 2FA prevents the use of their compromised credentials, as these alone are not enough to get in .

In addition to the use of 2FA, companies should apply strict password management policies . For example, employees should be required to change their passwords frequently and not be allowed to reuse a password for multiple applications .

Finally, educational campaigns can also help decrease the threat of phishing attacks by enforcing safe practices , such as not clicking on external links to emails. In this regard, I would like to mention the ethical phishing service of SOD , which has the very intent of testing the company and organizing targeted training to mitigate the risks .

It’s not enough to know what phishing is, you also need to know how to recognize it.

Useful links:

Phising

Mitre Att&ck

Double extortion ransomware

hosting sito web

Based on what the actual need is, choosing hosting for a website is essential. The resources needed to host a fast and secure portal must be the basis on which to decide which plan to choose.

Choosing the right provider for the server hosting plan can be complicated, and it’s easy to get lost in the alternatives that the network offers. In addition to the price, it is also essential to consider the performance, safety and assistance offered by the provider.

Server Hosting for SOD (Secure Online Desktop) website

The offer that SOD offers is complete and presents solutions for every need. Through the dashboard it is possible to keep everything under control and access the various features of the service. The control panel is based on Plesk, one of the world standards for the management of this type of services.

Domain and hosting

Through the main section of the integrated Plesk control panel it is possible to:

View important hosting and domain information.

Remove and add new domains, subdomains and aliases

Administer the hosting settings

– Create and manage databases and users

Install SSL certificates

View domain statistics

Also in this section you can access the backup manager which also allows you to set an automation for creating backups.

Mail

The hosting service for the website includes email addresses linked to the chosen domain. These can easily be created or removed from the appropriate section in the panel.

For each email account it is possible to assign storage space, aliases and automatic replies to messages or the redirection of the same. It is also possible to set spam filters and block email addresses.

Applications

The hosting space for SOD websites has the possibility of installing additional tools. These can be set and eliminated through the appropriate section.

You can easily install CMS such as WordPress, Joomla or Drupal, but also other tools with both commercial and free licenses. Applications dedicated to e-commerce, online marketing or eLearning are ready to be installed, just to mention some areas of interest.

The apps offered are ready to be implemented with a single click and cover a wide range of possible needs.

File management

Uploading and managing files on the host space is facilitated by the File Manager integrated in the control panel. It is also possible to edit the files directly from the integrated code editor.

Moving, adding or deleting documents on the server is very simple and does not require the use of additional software.

Statistics

You can view detailed reports on the use of the resources provided with the subscription. Useful statistics such as detailed analysis of storage space and monthly traffic can be easily consulted to keep an eye on the expansion of the hosted sites.

If you have subscribed to different plans, you can view reports for each of the subscriptions.

WordPress Toolkit

WordPress, the well-known CMS used worldwide, has a privileged section in the control panel offered by SOD through Plesk. From here it is possible to manage the installation of the Content Manager and check which plugins and themes are installed.

Through the section it is even possible to manage multiple instances of WordPress. You can also conveniently test new CMS features in a sandbox test environment without the risk of compromising platform installation.

Hosting for a website – Available server hosting plans

The server hosting plans available with SOD are 3 and cover the most common needs of those who want to add their presence to the web in a simple and safe way.

The Starter plan offers an included domain, 20 email addresses and 100Mb of mailbox space. The web space is 10 Gb and traffic reaches 2 Tb monthly. Features are really interesting for hosting a simple website capable of managing the first growth processes on the network.

The Business and Ultimate plans are designed as more complete solutions and offer 2 and 4 domains respectively. The web space ranges from 20 to 40 Gb and the traffic from 5 to 10 Tb. Consequently, the number of databases and e-mail boxes available also increase.

Try the control panel for free with the demo account. In this way you can see how simple it is to use and full of useful features for the management of hosting a website.

[btnsx id=”2931″]
Useful links:
Let’s Encrypt Free Certificates for all Webhosting users

Customers

Newsletter