Blog WatchGuard

How to Identify & Prevent Phishing Attacks

Phishing attacks are one of the most common online scams. While these attacks are nothing new, the methods used to execute them are constantly evolving. Today, hackers are taking advantage of automation and other advanced techniques to increase the scale of phishing campaigns and better target victims.

Regardless of the method, the goals of phishing attacks remain largely the same – to trick individuals into visiting fake websites that harvest the victim’s login credentials and other personal info, transfer money and deliver malware. Information stolen via phishing is often sold on the dark web and/or used by attackers to gain access to network resources or for fraud and identity theft. Attackers often try to pass themselves off as trusted individuals or organizations.

Phishing attacks have also gotten more personalized. Whereas standard phishing emails entail sending fraudulent emails in mass attacks while posing as a legitimate organization or person, spear phishing attacks target a specific person or organization and tend to be customized and detailed, making them more challenging to detect. Automated phishing tools and programs that scour social media networks and other places on the web where people post personal information are improving and accelerating the intelligence gathering that attackers conduct in order to personalize and target spear phishing. While these sorts of attacks require more effort, they tend to have a higher success rate.

Unfortunately, the reality is that if you’re online, you’re going to be the target of phishing. That’s why it’s so important for every individual user to do their part to stop phishing.

Common Signs to Identify Phishing Attacks

Phishing is a popular form of cybercrime because of how effective it is. Cybercriminals have been successful using emails, text messages, and direct messages on social media or in video games, to get people to respond with their personal information. The best defense is awareness and knowing what to look for. Most phishing emails and messages come with a sense of urgency. Be wary of communications that ask you to act immediately. It's better to be safe than sorry, so slow down and ask for help if you’re not sure if a message is legitimate.

Here are some other ways to recognize a phishing email:

  • Suspicious requests: Keep an eye out for requests from managers or co-workers that seem out of the ordinary. 
  • Take note of misspellings and poor grammar: This is often an indicator that an email or text is from a bogus source.
  • Check the full email address (or phone number) of the sender: Help ensure the message is from a legitimate source. Delete it if it doesn't look right, but also keep in mind that attackers can spoof email addresses if your domain doesn't have the proper protections (like DNS filtering). 
  • Links to unknown destination pages: In general, avoid clicking on links in correspondence. But always check the domain before you click to ensure it matches the site you intend to visit. (It’s always safer to type website addresses in manually.) 
  • A file attachment:  Never download files from unfamiliar senders. Seriously, never.  

8 Tips to Prevent Phishing Scams

1. Don’t click on links or open attachments:

As we said, this is one of the main ways to identify a phishing attack. If you suspect that an email message is a scam, don't open any links or attachments that you see. Instead, hover your mouse over (but don't click) the link to see if the address matches the link that was typed in the message.

2. Use  network and email security:

Ensure your company deploys email security tools that filter emails from malicious senders. Good filters evaluate if the received email message is suspicious and put the message in the spam folder or block it altogether. But email filters may not be enough. You need to use both desktop and network firewalls to create a shield of defense against outside intruders. Firewalls monitor and filter incoming and outgoing network traffic based on your company’s pre-defined security policies and can apply security services like DNS filtering to block connections to known malicious destinations.

3. Keep your browser updated:

Always update your browser. Regular updates are necessary and can improve your protection against phishing. Always keeping up to date with your software ensures that you are also up to date with modern cyberattacks and phishing attack methods. Software updates often patch holes in security and correct vulnerabilities in older versions of the software. Since your browser is the first line of defense against phishing attacks, make it a point always to update your web browser.

4. Maintain password security:

Whatever you do, never give away passwords, PINs, or 2FA codes via email, text, or phone calls. Companies will never ask for this kind of sensitive information. If you’ve got online accounts, you should regularly review your passwords against lists of known breached passwords. A secure password manager can help by storing your login credentials in a safe space to which you always have access while automatically looking out for ones that become breached. This way, you can use strong passwords for all of your accounts without forgetting them.

5. Be careful about giving out personal information:

As a rule of thumb, never disclose personal information on public websites where everybody can see your private information. Many voluntarily reveal sensitive information without realizing this data can be picked up and used during a spear-phishing attack. If the URL of the website doesn’t start with “https”, or you cannot see a closed padlock icon next to the URL, do not enter sensitive information or download files from that site. Sites without security certificates may be intended for phishing scams.

6. Be wary of pop-ups:

One famous trick hackers use when designing malicious pop-ups is to have a cancel button as a part of the pop-up. Never click a cancel button inside a pop-up, as it will likely redirect you to a phishing site. Always close pop-ups using the X sign in one of the corners.  Thankfully, all modern web browsers allow you to block most types of malicious pop-ups.

7. Deploy two-factor authentication (2FA) or multi-factor authentication (MFA) for all your users:

Any two-factor authentication method can prevent phishing to some extent. Still, a particular category of phishing-resistant multi-factor authentication methods is especially effective against phishing.

8. Forward suspicious emails to your IT or security department for closer inspection:

To report phishing attempts, spoofing, or to report that you've been a victim, visit the Internet Crime Complaint Center (IC3) to file a complaint. For more information on safeguarding your information, visit Stop Ransomware.

Stopping phishing starts with being vigilant. Above all else, think before you act. One thoughtless click could put your personal information or your company’s critical data at risk.

How WatchGuard Can Help You Protect Against Phishing Attacks

MSPs and MSSPs can better protect their clients by partnering with WatchGuard to implement hardware and software solutions that automate phishing protection and provide education to end users in real time.

WatchGuard’s Firebox devices and endpoint solutions provide DNS-level protection and content filtering. And if employees click on a malicious link, they can be immediately redirected to resources that provide education about phishing attacks and best practices for prevention.

Additionally, WatchGuard’s Unified Security Platform® provides precise analyses for each blocked attack and delivers it to IT administrators and MSPs for context and internal action.