The Aftermath of a Cyberattack Pt. 1: Phishing Recovery Basics
- by Brittany Day
Do you suspect that you’ve fallen victim to a phishing attack? Are you concerned about the impact that it may have on your business, your productivity, and your reputation - but unsure of how to proceed? Who should you call? Have critical email accounts or sensitive financial information been compromised?
If you are anxiously asking yourself these questions, you're not alone. It is normal to panic when you first learn or suspect that your systems - or possibly your business - may have been compromised in an attack. However, do your best to remain calm. Knowing what to do in these circumstances is critical in minimizing damage. Set yourself up for a smooth, successful recovery by letting our experts provide you with advice and guidance on protecting sensitive data and securing your systems after a phishing attack.
What Is a Phishing Attack?
Phishing - a dangerous email scam in which a malicious actor masquerades as a reputable sender - is currently used in over 90% of all cyberattacks. Modern phishing attacks are highly targeted, sophisticated and difficult to detect. While phishing campaigns have traditionally leveraged malicious URLs or attachments to steal sensitive credentials or infect systems with malware, attackers are increasingly employing stealthy fileless techniques in an effort to evade detection. The majority of businesses lack layered real-time email security defenses, leaving them highly susceptible to credential theft and wire transfer fraud - especially in this time of heightened digital risk. The FBI reports that despite existing security defenses, 30% of phishing attempts are opened by target users.
Have I Taken the Bait in a Phishing Scam?
When it comes to determining whether you’ve been caught by phishers, the best clues often come from those in your address book. In phishing campaigns, attackers frequently leverage compromised accounts to send fraudulent emails that appear to come from a known and trusted sender with the aim of compromising further credentials, stealing money from victims and perpetuating the vicious cycle of cybercrime.
Have you gotten an email from a colleague, letting you know that he or she has received a suspicious email from your address? Have you been informed by a superior at your company that he or she received a message from your account that didn’t seem quite like the emails you typically send? If so, it is highly likely that you unknowingly disclosed account credentials to attackers in a phishing scam.
Have you detected suspicious activity on your device and run a malware scan that confirmed malware was present? Have your files been locked by ransomware? If so, it is highly probable that the malware was downloaded from a malicious attachment in a phishing email, as Verizon reports that 94% of all malware is delivered via email.
Has a company that you thought you had paid via a wire transfer informed you that they have not received your payment? If so, you may have fallen for a wire transfer scam carried out via phishing.
Costly Clicks: The Consequences of a Phishing Attack
It is a safe assumption that 2020 has been a pretty difficult year for the majority of businesses - especially SMBs, who often lack the resources required to tackle modern cybersecurity threats. Having to recover from a phishing attack only adds to the challenges businesses currently face - often presenting them with severe consequences including data theft, account compromise, financial loss and significant, costly downtime - or worse, permanent closure. One wrong click can also result in serious reputation damage and obliterated client trust - after all, a phishing attack not only puts the victim organization at risk, but its customers as well.
Sensitive information stolen in a phishing scam can be used to initiate fraudulent wire transfers in which an employee is tricked into transferring funds to an account controlled by the attackers. The FBI has disclosed that a reported $221 million was lost to wire transfer fraud in 2019 - and this is only the tip of the iceberg, since a meager 15% of wire fraud is reported. Email accounts that have been taken over by cyber criminals using credentials stolen in phishing attacks can also be leveraged in dangerous email account compromise (EAC) scams to hijack further accounts.
In some cases, biting the hook in a phishing attack results in the installation of ransomware, spyware or other destructive malware. Ransomware attacks cost SMBs an average of $713,000 per incident (a combination of the expense of downtime and lost business due to reputational harm), and 60% of SMBs that get hit with ransomware are forced to permanently close doors within six months of experiencing the attack.
Phishing Recovery: Advice from Our Experts
If you’re unable to spot a phish and end up falling victim to an attack, you’re in good company. Modern phishing campaigns are so targeted and sophisticated that even the most security-aware users can be tricked by attackers, and users are now three times more likely to click on a phishing link and then disclose their account credentials than they were pre-COVID.
In the event that you do fall for a phishing scam, it is crucial that you are aware of the actions you can take to help safeguard compromised information and recover from the attack as quickly and seamlessly as possible. Fast, intelligent action is imperative to mitigating potential damage. Here are the steps you should take if you either know or suspect that you’ve experienced a phishing attack.
Disconnect Your Device from the Internet and Change Your Credentials
This will reduce the risk of malware spreading to other devices on the network, and will also prevent a malicious hacker from accessing your device and potentially sending out confidential information from it. Hopefully you’ve backed up your files in case they have been locked up by ransomware or get erased in the recovery process.
If you were directed to a fraudulent website where you attempted to log in, change your username and password for that website immediately.
Report the Incident to Authorities and Set Up a Fraud Alert with a Credit Reporting Agency
You should then set up a fraud alert with Equifax, Experian or TransUnion. The alert is placed on your credit report and makes it more difficult for the attacker to open a new account in your name.
Scan Your System for Malware
If you have antivirus software installed on your device, all you need to do to scan your system for malware is to launch the program and then click a button that usually says something along the lines of “Run a Complete Scan” or “Scan for Viruses”. Be sure that the security software on your computer is updated prior to doing this. If malware is detected in the scan, most standard infections will be removed by the software. For those who are not tech savvy, it may be a good idea to have your device scanned for malware and viruses by a professional.
If your files have been locked by ransomware downloaded from a malicious attachment in a phishing email, we recommend that you work with a team of ransomware recovery experts who should be able to advise you on whether or not you should consider paying the ransom, provide you with an individualized step-by-step recovery plan and assist you in the recovery process. (It should be noted that it is now illegal to pay ransom to hackers who are subject to U.S. sanctions - whether or not the victim or facilitators are aware of these sanctions.)
Critically Important - Learn from the Incident!
Going forward, always take adequate time to stop and think before interacting with an email in any way. Stay informed about the latest phishing techniques, keep your browser updated, protect accounts with multi-factor authentication (MFA) and never share personal or financially sensitive information over the Internet.
It is also crucial that you are aware of and alert for common signs of a phishing attack, which include:
- An urgent request for personal information
- Spelling and/or grammatical errors
- A suspicious or general salutation and/or signature
- A tone that is unexpected from the supposed sender
That being said, the single most effective method of preventing phishing attacks is investing in a comprehensive, fully-managed email security solution.
“An Ounce of Prevention is Worth a Pound of Cure”
When it comes to phishing and other malicious email-borne attacks, prevention is far better than remediation. With the average financial cost of a data breach reaching a staggering $3.86 million, no business can afford the aftermath of a cyberattack due to an ineffective email security strategy. Remediation is difficult, expensive and, in many cases, a full recovery is not possible. Thus, effective email security is an investment that continues to pay off - both in terms of safety and business success.
The best method of safeguarding business email against phishing and other modern threats is ensuring that your organization has implemented a multi-layered supplementary email security solution that fortifies cloud email with critical real-time security defenses designed to fill the voids in built-in cloud email protection. Defense-in-depth is an essential element of any successful email security solution - no single piece of security software alone is capable of detecting and blocking today’s array of advanced email attacks. Securing email accounts in this heightened digital threat environment requires multiple innovative features and technologies including malicious URL protection and layered email authentication protocols designed to work harmoniously both with each other and with built-in email defenses.
We recommend selecting a fully-managed solution that is accompanied by ongoing expert around-the-clock system monitoring, maintenance and support. This critical, yet often overlooked, element of effective protection simplifies administration, enhances security, delivers a rapid return on investment (ROI) and provides an invaluable peace-of-mind, knowing that the security of your company’s most critical assets is being overseen by a team of experts.
Have additional questions about phishing prevention or recovery? Leave a comment below and one of our security experts would love to help you out. Ready to partner with an industry leader in securing your users, your data and your brand against phishing and other dangerous, costly attacks? Let’s get in touch.
Stay tuned for Part Two of this mini series: The Aftermath of a Cyberattack: Ransomware Recovery Basics.