Public Warned Versus Phishing Attacks
Phishing is defined as an attack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.
The Cybercrime Investigation and Coordinating Center (CICC) on Monday, Oct. 23, warned the public against popular phishing techniques used by hackers worldwide as the Department of Information and Communications Technology (DICT)’s attached agency also called on those subject to phishing attempts or victimized by such hacks to report incidents to its hotline.
DICT Undersecretary Alexander Ramos, the CICC’s executive director, said that US security and intelligence agencies have released a 14-page phishing guide that they are also using in a bid to educate the public on the common phishing attacks employed by hackers worldwide so that Filipino netizens and data subjects could better protect themselves from such nefarious online activities.
Ramos added that the US agencies, composed of the Cybersecurity and Infrastructure Security Agency, National Security Agency, Federal Bureau of Investigation and the Multi-State Information Sharing and Analysis Center, released the “Phishing Guidance: Stopping the Attack Cycle at Phase One” with a simplified version of the guide in the article titled “US Government Releases Popular Phishing Technique Used by Hackers” that was published by cybersecuritynews.com last Friday, Oct. 20.
The guide defines phishing as an attack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.
“Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft and other serious consequences,” the guide said.
It added that there are two main types of phishing: phishing for credentials and phishing for malware.
Phishing for credentials is a phishing attack where hackers pretend to be someone a user trusts and asks the user to provide his log-in credentials, which hackers can then use to access the user’s systems or resources.
The attack is done by sending emails that look like they come from one’s boss, co-worker or IT staff; using text messages or chat platforms to trick one into giving his log-in credentials; or using internet phone services to fake caller IDs to make one think that the call is from a legitimate number.
To stop the phishing attack, one should train oneself and others to spot and report suspicious email messages.
Netizens should use Domain-based Message Authentication, Reporting and Conformance for email and set their DMARC to “reject: for outgoing emails.”
The guide advised people to also monitor internal email and messaging traffic and to use strong multi-factor authentication for their credentials and check MFA lockout and alert settings, as well as use single sign on for centralized log-ins.
Meanwhile, phishing for malware is an attack where hackers pose as a reliable source and make one interact with malicious links or email attachments that can run malware on one’s device.
A hacker’s main objective is to send to a user links or attachments that necessitate the downloading of a malware, or to use smartphone apps and text messages to deliver malicious content.
To stop this type of malware attack, one should use “denylists” at the email gateway and firewall rules to block malware delivery.
One should also refrain from giving another user administrative rights, apply the principle of least privilege, use application “allowlists,” disable macros by default, use remote browser isolation solutions and use protective Domain Name System resolvers.
“If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyze and remove malware and restore normal operations,” the guide said.
“Reporting any phishing activity to relevant authorities is important in identifying and mitigating new threats. Phishing attacks are a major threat, but with effective training, security measures and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks,” it added.
The CICC encouraged the public to call its Inter-Agency Response Center hotline at 1326 to report phishing attacks.