It seems that a not-so-new type of phishing scam is getting a revival, and it was recently used in attempts to collect money from several of our clients' billing departments. In this phishing attack, known as an IDN homograph attack, the scammer registers a domain name, or web address, that looks almost identical to the victim organization's domain but replaces one letter with a character taken from an alphabet outside the default Latin script. The character is so similar that it is almost impossible to spot the difference. Here's an example: Google.com in Latin script looks identical to Google.com in Cyrillic script. But since they have different characters, the hackers are able to register it as a new domain.
Other variations of this phishing scam include registering a familiar domain but with 2 letters swapped or adding an extra letter in the middle of the domain. So, for example, instead of blackpoint-it.com, a hacker can use blackpointi-it.com or blackpiont-it.com.
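To show how a mail filter or a billing team's tooling could flag both kinds of lookalike described above, here is an added example (not part of the original post). The function names are hypothetical, the trusted domain is the one used in this post, and the Cyrillic sample is constructed for illustration.

```python
import unicodedata

TRUSTED = "blackpoint-it.com"  # the real domain used as the example in this post

def scripts(label):
    """Unicode scripts used by the letters of one DNS label (e.g. LATIN, CYRILLIC)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent-letter swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # two neighbouring letters swapped, as in "piont" for "point"
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]

def classify(sender_domain, trusted=TRUSTED):
    """Classify a sender domain as trusted, mixed-script, lookalike or unrelated."""
    d = sender_domain.strip().rstrip(".").lower()
    try:
        # Mail headers and DNS often carry IDNs in ASCII "xn--" (punycode) form;
        # decode so the script check sees the real characters.
        d = d.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or not valid punycode: inspect as given
    if d == trusted:
        return "trusted"
    # A label mixing Latin with another script matches the one-letter
    # replacement described above. An all-Cyrillic label is not caught here.
    if any(len(scripts(label)) > 1 for label in d.split(".")):
        return "mixed-script"
    # One or two edits away from the trusted name: extra or swapped letters.
    if osa_distance(d, trusted) <= 2:
        return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    # Constructed samples: the two variants named in the post, plus a copy of the
    # trusted name whose first "o" is Cyrillic U+043E.
    for s in ("blackpoint-it.com", "blackpointi-it.com",
              "blackpiont-it.com", "blackp\u043eint-it.com", "example.org"):
        print(f"{s!r:32} -> {classify(s)}")
```

A sender domain classified as "mixed-script" or "lookalike" is a good candidate for quarantine or manual review before anyone acts on a payment request.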
What are some signs you can look for to tip you off that this is a phishing email?
The email is asking you to send someone money
The email is asking you to click on a link
The "from" email address looks slightly different than the organization's email addresses
The email has no signature
When you hover the mouse over the "from" email address, the domain that pops up looks completely different than the sender's email address
How can you prevent your staff members from falling for a phishing attempt?
Train your people!
An organization's negligent employees are the number one cause of cybersecurity breaches at SMBs, which means creating a culture of security is paramount. Bring the latest news on recent cyber-attacks to your employees' attention, and make sure they know how to respond. There are a number of cybersecurity training programs you can deploy that include online classes, monthly newsletters, and deliberate phishing attempts that will help you spot which employees need a little more training.
Request a security assessment
A third-party security assessment will help you identify the vulnerabilities in your network, both technical and among personnel. For more information about security assessments, click here to read our recent blog post about what BlackPoint's security assessments actually entail.
Contact us today to set up an appointment with a security consultant to discuss your organization's security strategy.