A fine kettle of phish


Help Prevent Cyber Attacks from Gaining Access to JT4’s Network

In May of this year, fuel prices across the country soared due to a ransomware attack against the largest gasoline pipeline in our nation. This was just one of many high-profile cyberattacks that have occurred over the past few years and cost companies billions of dollars. How do cybercriminals gain access to a company’s critical infrastructure? While there are many methods they may employ, two of the most popular are phishing and spear-phishing. Both involve socially engineered emails, which are sent to unsuspecting employees.

What Are Phishing Campaigns?

Phishing campaigns do not target specific individuals. Emails are sent to hundreds or even thousands of people at random with the expectation that a few may fall for the bait. The email is disguised to look legitimate and appear as though it is being sent from a trusted company. The subject line will seem plausible, but it will contain malicious attachments or will attempt to lure you to a fake website that will ask you to enter sensitive information like your social security number. You can usually detect a phishing attempt using a little scrutiny. For example, real companies will:

  • address you by name and not “Dear valued customer;”
  • have a domain email address;
  • use spellcheck;
  • not request sensitive information through an email;
  • not include unsolicited attachments; and
  • only send links to legitimate URLs.

Spear Phishing

Spear-phishing attempts do target specific individuals. Cybercriminals scour company websites and social media sites (e.g., LinkedIn, Facebook, Twitter, Snapchat) to determine where an individual works. They will guess the recipient’s email address by trying various combinations of their name. The email will appear to originate from an employee within the company, often company leadership, thereby exploiting your trust. Spear-phishing attempts can also be easy to spot. JT4 colleagues will:

  • have a JT4LLC.com or .mil email address (hover on the display name to verify);
  • probably not ask you to wire them $5K while they’re stranded on vacation (unless you are really good friends, so call first to verify); and
  • likely have a legitimate signature block (or at least they should, so please refer to the company style guide).

To help employees remain vigilant, JT4’s Corporate Help Desk will soon flag all emails from external and unrecognized sources. In other words, all emails not originating from the JT4 server or trusted business partners will be flagged. Handle these emails with extra care, and follow the directions in the corresponding disclaimer if you consider the email to be suspicious. If everyone takes the extra effort to watch out for the warning signs listed above, we can protect JT4’s network from unauthorized and malicious activity.