<img src="https://ws.zoominfo.com/pixel/PMY3ZvbpZt27ywWwZSBB" width="1" height="1" style="display: none;">

Production Print & Finishing

Maximize your business potential and open new revenue possibilities with start-to-finish production print and wide format solutions from EO Johnson and Standard Dynamics finishing solutions.

Business Copiers & Printers

You demand multifunction copiers that are easy to use and cost-efficient. With thorough training and prompt service response, you’ll find EO Johnson’s copiers are as dependable as you are.

locknet-dark

Locknet® Managed IT

Locknet® Managed IT offers security, network defense, backup and managed services to help businesses in Wisconsin, Minnesota, and Iowa develop successful technology strategies, whether you’re small to medium sized, regulated, non-regulated, or have little to no IT staff.

Digital Transformation Consulting

Our solutions help you with a specific document need or work together for a powerful combination to increase efficiency and productivity.

Support

With more than 85 technicians throughout our service areas of Wisconsin, Minnesota, and Northern Iowa, we have someone close by to help. The average response time for a technician to arrive at your site is under 4 hours. 

e-Info Client Portal 
Remote Support Portal 
decreased_demands_icon
Place a Service Call

For Copier and Printer Service
844.342.5365

For Production Print and Finishing
844.236.7567

EO Johnson Locknet® Managed IT Services
877.408.1656

Software Solutions
844.304.8791

Fill Out a Service Form

A Closer Look at Three Types of Phishing Attacks

4 min read

hero_angles

What they are and how to avoid them

Phishing is among the biggest cyber threats facing businesses today. An estimated 91% of incidents that end in a data breach start with a phishing email. Phishing is a favorite tool of hackers, so it’s important to understand and recognize it. We’ll take a closer look at three concerning varieties of phishing to learn what to look for and how you can avoid being a victim of a cyberattack.

What is phishing?

Phishing is a kind of cyberattack used to steal users’ sensitive data like personal information, login credentials, and credit card numbers. A phishing attack is often carried out with fake emails and the cloning of legitimate websites to trick users into revealing sensitive information.

Three types of phishing attacks and how to avoid them

 

Spear Phishing

Spear phishing is the most common type of specialized phishing attack and can be aimed at anyone at any level in an organization. Spear phishers gather information about you, so they legitimately look and sound like the person or entity you trust. When successful, unsuspecting victims often willingly hand over their information, which can include data that allows these scam artists to log into your accounts, gain access to your finances, or hack your data. Victims will also click on links and attachments, unknowingly downloading malicious codes or malware attachments.

Tips to Avoid Spear Phishing

  • Be cautious of urgent email subject lines.
  • Don’t click on suspicious attachments and links.
  • Watch for grammatical errors in the content.
  • Verify the sender’s email address.

NEW HR MESSAGEThings to look for: urgency in the subject and body; whether the sender’s email address is in your outlook address book; don’t click on links you aren’t sure about.

 

Whaling

Whaling is a more targeted type of spear phishing that takes aim at senior executives and CEOs. This type of phishing message is crafted to imitate a company executive or to fool a company executive into thinking the message is from a trusted source. Impersonating someone the victim knows differentiates it from spear phishing. A company executive is an ultimate prize for cybercriminals as the boss can access information and resources that no other employee can reach. Attackers use whaling to gain access to money, attack a supply chain, steal intellectual property, and distribute malware.

Tips to Avoid Whaling Attacks

  • Ask yourself if you were expecting the communication.
  • Review the communication for unusual urgency or expression.
  • Check if the email address is consistent with the naming convention of your company.
  • Ensure senior executives are educated on what to look for.

NEW WIRE MESSAGEThings to look for: an unusual request; urgency in the body; don’t click on attachments you aren’t sure about.

 

Angler Phishing

Angler phishing is a newer type of attack involving social media. Often, attackers entice the target to interact with a fake page so they can capture the victim’s personal information. Cybercriminals are adept at imitating messages from any social network to lure unsuspecting victims. They use email, direct messages, posts, and comments to conduct phishing. In one of the most common scenarios, the bad actor is pretending to be a customer service representative. The attacker finds people who are complaining online about a business and then responds to their problem before the legitimate company does by using a spoofed social media account. The spoofed account will often have an official-looking logo and content. If personal information is provided to the attacker, it can then be used for identity theft. And if a victim clicks on a link, they can be taken to a fraudulent website where their login credentials are stolen.

Tips to Avoid Angler Phishing

  • Consider whether you have received a message that looks like this before.
  • Read the account name carefully to make sure everything is spelled correctly.
  • Look at the number of followers - a customer service account shouldn’t have zero.
  • If someone reaches out to you on social media, never click on a link.
  • When in doubt, reach out directly instead.

NEW FB ALERT_v2

Things to look for: whether you have received an email like this before directly from Facebook; whether you have a direct message from someone in Facebook Messenger; the vagueness of “someone”; don’t click on a link to a login screen where someone can capture your credentials.

 
Education for employees

Even with the best tools, malicious contacts and emails will still get through. When that happens, the only thing preventing your organization from a breach is your employees’ ability to detect the threat and respond appropriately. Educating your employees on phishing threats and cybersecurity awareness is essential to protecting your company’s network and data. Your customers also want to know they are working with a company that will protect their data.

Locknet® Managed IT, an EO Johnson company, provides Security Education and Awareness Training to help you support a culture of security awareness in your company. When you’re ready to bring cybersecurity awareness to the forefront of your employee training program, we’re here to help. Contact us to learn more.

 

angle_down_right
click_Icon

angle_up_middle

No Comments Yet

Let us know what you think