Blog
Traps and lures abound in cyberspace

A cautionary tale on “phishing”

Scams and scandals are not new. Take for instance the infamous Trojan Horse swindle. According to legend, this deception took the form of a huge hollow horse in which a troop of canny Greeks hid within as it was wheeled through the main gate of Troy.

Under cover of darkness, an armed squad climbed down from their high horse and caused no small stir in the city.

The art of deception

Such hellenic flip-flam has thereafter stood as a cautionary tale to expose any kind of con on the unwary.

From trick pony contrivances to cyberspace fishiness, one of the most fraudulent hoaxes going around today is something better known as “phishing.” (Not to be confused with “fishing” – though there is a fishy connection).

Baiting the hook

Consulting the OXFORD dictionary, we find the noun “phishing” describes the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to part with personal information.

The dodge works like the old Red Riding Hood fable: an attacker (the wolf) sends you a faked message (dressed in grandma’s nightgown and bonnet) hoping to lure you into revealing sensitive information to them, or to embed malicious software like ransomware on your computer.

All is not as it seems

According to online sources, the term phishing originated from the greater and less than symbols “<><” —a prevalent HTML tag found in all chat records.

It could not easily be detected or filtered. The symbol <>< was used for any phrase that referred to stolen credit cards, personal accounts, or illegal game-play. Since the symbol looked fish-like, it earned the name “Phishing”.

Traps and nets

Savvy cybercriminals camouflage phishing emails so well it can be very hard to spot the fake. Alarmingly, phishing emails have six times the click through rate of authentic marketing emails.

Highly sophisticated phishing emails lead to sensitive data breaches or malicious code that can have serious side effects for business.

We help you spot the difference

Phishing attack simulation and training for your end users is now available from Cicom.

Keep your users and your business safe with effective phishing simulations, automated training, and comprehensive reporting from Sophos Phish Threat.

Contact your Cicom Ops team to discuss the ways we can help your staff remain alert and in control over fraudulent phishing emails and keep your business safe from cyber security threats.

 

Got questions? We have answers.

Feel free to give us a call or use the form below to get in touch.