
Phishing

SRA 221

Professor David Hozza

April 11, 2018

What Tyler Shvartser

Who David Mollin

When/Where Tristan Tran

How Olivia Weiss

Why Nick Gallo

BLUF
Our security team has put together this report to address the various aspects of a very prevalent type of cyber attack called phishing. Phishing occurs when an attacker poses as a legitimate institution or persona. The attackers lure individuals into giving away their sensitive information without the user being aware. This maliciously acquired information is then used by the attacker to infiltrate a network and/or steal data to benefit themselves. Attackers' motives may be financial, retaliation, or simply anything that will lead them to their ultimate goal.

Phishing attacks are most often carried out via email because of its large role in communication today. The attacks are often made to spread and infect a group of users: the more users attacked, the greater the likelihood of success. Phishing attacks are generally stereotyped as being targeted at younger or older individuals. Although these groups of people are susceptible to phishing because of their lack of security knowledge, large corporations are also a big target for attackers. Through better security within a network infrastructure, these malicious attempts to disrupt our corporation can be stopped.

Report

Phishing is “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” It is a serious attempt at gaining information from somebody that can go widely unnoticed while being deliberately believable. It could be a company-wide email that appears to come from, say, a CEO, replicating every aspect of a typical email with one minor letter change. This change can go unnoticed, and the email's link could lead to a fraudulent website that steals the person's information or gives somebody access to their machine without their knowledge. Phishing is a dangerous act of cyber warfare that can be carried out with ease and is dangerously hard to spot if untrained.

As a company, employees should be trained to look for the signs of a phishing attempt. Emails from company officials should have specific cues that are hard to replicate, or information only employees within the company could know. The problem lies in employees not seeing the difference between an official email and a phishing one because official emails are so easy to replicate. If the email contained logos and specific information only relevant to company-wide emails, phishing attempts would be harder to hide and less likely to succeed, as employees would have a better chance of spotting the inconsistencies within. If more care is taken with specific format cues and similar markers that employees are trained to look for, attempts at copying them would be very difficult. Additionally, as the highest level of defense, employees could follow a company rule not allowing the email to be seen by anyone's eyes but their own, with restrictive forwarding and replying guidelines.

Phishing occurs when someone online pretends to be someone they are not in order to trick the user into giving the attacker personal or confidential information. Phishing impacts us because when sensitive information is stolen, the attackers will use that information in their favor. For example, the most common phishing attacks occur with emails. Let's say you open your email and there is an alert in your inbox from your supposed bank. Clicking on the link in the email could bring you to a website that looks like the real one, say “bankofamerica.com”, but is slightly different. This different website, which looks almost identical, will have you enter your bank information, giving the hacker access to your credentials.
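The lookalike-link scenario above can be checked automatically. The following is an added example, not part of the original report: it compares a link's hostname against a constructed list of trusted domains and flags names that differ by only a few characters. The allowlist, the character-substitution table and the distance threshold are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist; "bankofamerica.com" is the example named in the report.
TRUSTED = {"bankofamerica.com", "ebay.com", "paypal.com"}

# Assumed set of look-alike characters, folded to the letter they imitate.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url):
    """Lower-cased hostname of a URL, without a leading 'www.'."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def classify_link(url, max_distance=2):
    """Return (verdict, trusted_domain): 'trusted', 'lookalike' or 'unknown'."""
    host = host_of(url)
    for domain in TRUSTED:
        if host == domain or host.endswith("." + domain):
            return ("trusted", domain)
    folded = host.translate(HOMOGLYPHS).replace("rn", "m")
    for domain in sorted(TRUSTED):
        # Trusted name used as a prefix of an unrelated registered domain.
        if host.startswith(domain + "."):
            return ("lookalike", domain)
        # Same name after undoing character swaps, or only a few edits away.
        if folded == domain or edit_distance(host, domain) <= max_distance:
            return ("lookalike", domain)
    return ("unknown", None)


if __name__ == "__main__":
    for link in ("https://www.bankofamerica.com/login",   # constructed samples
                 "http://bankofamerlca.com/login",
                 "https://bankofamerica.com.account-check.example/"):
        print(link, classify_link(link))
```

A mail gateway or browser extension could run a check like this on every link in a message and warn the user before the page opens.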

This impacts us because users need to be aware of phishing and need to be able to stay away from any potential attacks. When the attacks do occur, sensitive information such as credit card numbers, social security numbers, health records, and much more can be compromised, stolen, and shared. This directly relates to confidentiality in the CIA triad. When phishing attacks occur, there is an increased risk of the users' confidentiality being compromised.

Everyone in today’s technology-based world should be concerned with being on the receiving end of a phishing attack. The people who should be most worried about this type of attack are the people who use technology the most. The people who use the internet the most also have the highest number of accounts on the internet, whether social media, bank applications or news subscriptions. The common theme is that most things on the internet use a person’s email address as an authentication method, which is something attackers using phishing techniques look for. Email is the number one delivery vehicle for phishing, according to a study done by Verizon in 2016. This means that people with many accounts are more likely to have their email address found by attackers.

Another group of users that should be informed about phishing is people who work in a business-related field. Entering a company’s network is valuable for an attacker. There are multiple things, like financial records or employee personal information, that someone conducting a phishing attack would be interested in. Oftentimes CEOs are targeted because it is easier for an attacker to distribute a phishing email through a high-ranking official's email address. All the attacker needs is for one employee to fall into their trap, so they can gain a foothold in the company’s network.

Phishing was first mentioned by name in 1996, in a chatroom hosted by AOHell, a hacker discussion site. It would have little economic impact, though, until 2001, when phishers targeted the company E-Gold. While the attack was unsuccessful, it showed the entire world that people could be tricked into giving out their personal information. In 2003, dozens of phishers acquired the domains of dozens of sites that, at a glance, looked similar to legitimate sites like eBay and PayPal. By the next year, phishers had realized the untapped gold mine that was others’ personal information. Ever since, reported phishing attacks have increased exponentially.

Phishing attacks most commonly occur through email, getting a user to click on a link they believe is reliable but that in truth leads to a site set up by the phisher so that the user will give out their personal information. A study found that the majority of phishing attacks originate from China and Russia. In 2009, 25% of phishing emails were traced back to the US and China. Unsurprisingly, the countries with the most cybercrime activity are the ones home to the most cybercriminal hosts, namely China, the US, France, Brazil, and the U.K. Countries experiencing an economic uptick and strong political incentives have the most reason to take part in these attacks.

Phishing attacks have serious implications in our world today. A successful phishing attack can steal not only money but also your personal identifying information. In an article on silicon.co, Hatem Naguib, Senior Vice President at Barracuda, highlights why phishing attacks don’t get as much attention as they should. Phishing attacks are a social engineering hack that specifically targets one individual. Naguib believes that phishing attacks aren’t given that attention due to their personal nature, although they can have company-wide implications. It’s important to educate company personnel and everyday citizens on the attacks. Phishing attacks often look like a message, oftentimes an email, from someone you know and communicate with regularly. But with a trained eye and certain precautions, phishing attacks can be prevented.

Companies and corporations need to be especially wary of phishing attacks. With a more recently introduced discipline of phishing called spear-phishing, hackers have been known to target individuals within an organization, use publicly posted information, and exploit them with knowledge of their coworkers' names, etc. In an investigation conducted by Verizon called the “Verizon Data Breach Investigations Report” (DBIR), phishing was the method used in two thirds of all cyber-espionage incidents. The report also highlighted two shocking statistics: users open 23% of phishing emails sent, and 11% of the attachments in those emails. When one of ten people click on that attachment, hackers have the ability to steal their identity, commit financial fraud, steal intellectual property, and even commit espionage for political or economic gain, depending on the target. With all of this data and confidential information at risk, companies and individuals need to begin being more active in their defense. Companies should take serious measures to educate their personnel on common phishing tactics, and establish a procedure for emailing confidential information to thwart any possible attacks.


Works Cited

Brecht, D. (n.d.). Phishing Targets. Retrieved April 10, 2018, from http://resources.infosecinstitute.com/category/enterprise/phishing/the-phishing-landscape/phishing-targets/#gref

Crowe, J. (n.d.). Phishing by the Numbers: Must-Know Phishing Statistics 2016. Retrieved April 10, 2018, from https://blog.barkly.com/phishing-statistics-2016

What is Phishing and how does it affect email users. (n.d.). Retrieved April 8, 2018, from https://usa.kaspersky.com/resource-center/preemptive-safety/what-is-phishings-impact-n-email

Spear Phishing Attacks Needs To Be Given The Attention They Deserve. (2017, July 06). Retrieved April 12, 2018, from https://www.silicon.co.uk/security/spear-phishing-attacks-attention-216687?inf_by=5aceac13671db8f55b8b4d24

Spear Phishing: Real Life Examples. (2017, March 02). Retrieved April 12, 2018, from http://resources.infosecinstitute.com/spear-phishing-real-life-examples/#gref

History of Phishing. (n.d.). Retrieved April 11, 2018, from phishing website: http://www.phishing.org/history-of-phishing
