Managed IT Service Explains Four Common Cybercriminal Phishing Emails

Mobile Computer Services, Inc. Managed IT Services Leave a Comment

Dental practices, veterinary clinics, and small businesses must keep their guard up in the effort to maintain cybersecurity. Vulnerabilities can spell disaster. IT managed services are a burden that most small businesses are unable to shoulder alone. An outsourced managed IT solutions provider, such as Mobile Computer Services, Inc. of Wake Forest, is an affordable way to gain the cybersecurity every business needs to stay safe and functional in the “new normal” of accelerated cybercriminal activity.

Four types of phishing pose a critical threat to dental practices, veterinary clinics, and small businesses:

  1. Spear phishing
  2. Clone phishing
  3. Whaling
  4. Pop-up phishing

Spear phishing

The majority of phishing emails targets large groups of people. Spear phishing is a type of attack that is more personalized and individual in its approach and focus.

A spear-phishing email, as the name implies, targets a specific individual, business, or organization. Dental practices and veterinary clinics are prime examples of entities that this variety of phishing expedition would single out. The scammers who spear phish invest time to research their niche targets. This more sophisticated phishing is sometimes referred to as social engineering. The emails are configured to closely resemble legitimate sources.

In 2016, millions of Amazon customers received an email containing the same subject line message about an order status with an order code following directly after it. Upon opening the email, consumers found no message, only an attachment. Customers who opened the attachment put themselves or their companies at risk of installing ransomware on their computers or other devices.

Another example of spear phishing emails specifically involves small businesses, including dental practices and veterinary clinics.  The target, in this instance, might be a company employee. The email may seem to originate from higher up the management chain, and it requests access to sensitive company information. If the spear-phishing target responds, a data breach could ensue in which company or employee information is accessed and stolen.

Clone phishing

Another type of malicious phishing, clone phishing, is very difficult to detect. This phishing attack involves creating a version of an email that victims have already received. The email address is very close to the address of the original email, and the formatting of the body of the email resembles the original email, as well. The only difference is the attachment or link in the message has been changed. Unwary victims who click on the link or open the attachment will be taken to a fake website or open an infected attachment. This type of email phishing requires a keen eye and attention to detail to notice.

Whaling

Some phishing expeditions focus on the large catch, the whales. Whaling attacks target chief executive officers, chief operating officers, or other high-level executives in a business. The phisher’s aim is to con these powerful individuals into divulging sensitive corporate information. Any key decision-maker with sensitive information qualifies as a high-value target, including dentists and veterinarians, as well as other small business owners.

These attacks require a higher level of sophistication and much more research. The scheme usually relies on fraudulent emails that seem to originate from trusted colleagues within the company or from legitimate external agencies.

Pop-up phishing

Pop-up phishing utilizes pop-up ads to entice users into installing malware on their computers. The ads may seek to convince the recipient to purchase unnecessary antivirus protection. Scare tactics may be employed. The user might be warned that their computer has been infected with a virus and the only remedy is to install a particular antivirus software. Upon installation, the user discovers this software is non-functional. Sometimes the supposed remedy actually infects the computer with malware.

How can a dental practice, veterinary clinic, or small business protect against a phishing attack?

Small businesses can take simple, common sense, proactive steps to avoid being scammed by phishing expeditions. The application of several commonsense principles and a healthy dose of suspicion are a good combination when dealing with potential cybercrimes. Cybercriminals are smart. Their subtle machinations can hook the most astute business owner or employee. The following principles will help safeguard against falling for the scammer’s tricks.

  • Delete suspicious emails.
  • Do not click on suspicious links in emails.
  • Do not send financial information through email.
  • Avoid clicking on pop-up ads. Hackers can add fraudulent messages that pop up when the victim is visiting legitimate websites.
  • Protect computers and other devices with strong, multi-layered security software.

Managed IT services are indispensable for cybersecurity in the twenty-first century. An outsourced IT support service is an affordable strategy to gain bullet-proof security and achieve peace of mind. For more information about IT solutions that work, contact Mobile Computer Services, Inc. of Wake Forest by phone at (919) 230-2900.

Leave a Reply