According to a new threat report, there’s been an 782x increase in the number of phishing cyberattacks in Q2 2018 alone. eSentire Threat Intelligence also reports that two industries with a strong small business presence (marketing and construction) were in the top five most affected.
Industries Targeted by Phishing
Small Business Trends contacted Keegan Keplinger, Data Visualization Lead, Threat Intelligence at eSentire Inc to find out more and how vulnerable small businesses can protect themselves.
Support Scams
He started by defining the threat.
“Phishing attacks are often malicious pages imitating login pages of legitimate services, harvesting any credentials entered into them,” he wrote in an email. “They can also include tech support scams where the victim is enticed to call a phone number to fix an apparent problem – usually not a real problem, just a simulated problem through the web browser (e.g. “You have a virus!” or “You need to update Chrome!”).”
Successful Attacks
Most of the successful attacks of this kind happen because someone opens a malicious link or infected attachment. The report says the number of attacks has spiked from 2000 to 1.7 million since last quarter alone.
As industries become more and more digitized, small businesses in the construction field send invoices through the Internet. Marketing companies might even deal in e-commerce completely. Both of these verticals leave entrepreneurs open to these types of online threats. At the heart of the problem are emails and attachments.
Further analysis of the attacks found most of the sources originated with Chinese based IP addresses. That’s not to say businesses that don’t have contracts in that part of the world aren’t vulnerable. Keplinger says at least part of the issue has to do with scale, and that construction and marketing businesses might not even be on the hackers’ radar.
Targeted Attacks
“It’s likely that these are not targeted attacks on those specific industries, but mass spamming,” he writes adding the hustle and bustle of the small business world might be partially to blame.
“The hallmarks we notice when examining these types of emails are exactly the kinds of things that busy employees miss when they’re simply moving from one task to another, especially when they take for granted that an email they’re reading is seemingly coming from a trusted client or partner.”
So, for small businesses in the highlighted industries and others, the question becomes what, if anything, can be done to safeguard against these crippling cyberattacks. Keplinger writes there are some red flags in emails small businesses need to watch for.
Email Attacks
“Phishing emails have grown increasingly sophisticated, designed to look similar to emails with legitimate professional branding. It’s especially important that all employees learn to be wary of emails requesting user account credentials or personal details – and to confirm with their IT departments if they see something that doesn’t seem right.”
One of the other issues centers around one of the innovations that can make small businesses more productive. The report also found that remote workers often use D-Link home routers which can leave these workers vulnerable when they’re working away from the commercial grade routers in offices.
Construction, marketing companies and any businesses that use the Internet needs to be wary of hackers that pose as legitimate services too. Keplinger points out that DocuSign, a service used to sign documents and contracts remotely, has been targeted. PowerShell, another legitimate program handling administrative tasks also showed up in the report.
Steer Clear
Employees and small business owners alike can do their part to steer clear of phishing. They can start by looking at the content of emails and attachments for a lot of spelling and grammar mistakes. Website addresses with unusual additions in the URLs are another giveaway like dr0p.box.com.
Keplinger offers up a quick check.
“Hover over links to see their true address – does the URL match up with what it’s claiming to direct you to? Sometimes the text of the link doesn’t match the actual address… a red flag.”
Finally, virus protection needs to be constantly updated—patched and security updates need to be checked and should be applied to individual workstations.
Photo via Shutterstock