IDENTIFYING EMAIL PHISHING

Identifying phishing email

As a Fragtel Corp customer, we would like to notify you of a growing number of phishing attacks that are targeting businesses like yours. In particular, they are phishing attacks sent to procurement agencies, distributors, suppliers or vendors notifying them of supposed undelivered messages in an inbox, instructing them to click on a link to enter their credentials.

The link does not go to any secure URL and the sender of the email is a generic account with the name of “Mail Delivery System”.

[(notices@[customer-name.com]), even though it in no way originated from them. We would like to bring it to your attention so that you can make you and your co-workers aware and be prepared if your organization is targeted. Please do not click on any links of such email and delete immediately.

At Fragtel Corp, we work diligently to protect our customers and their data within our system. Unfortunately, we often see phishing attacks that try to lure corporate customers and/or their supplier partners to provide their credentials to gain access to their digital information or gather access to their systems.

We know that bringing attention to these attacks and providing some best practices around dealing with potential phishing attacks is the first step to protecting our customers. We encourage the continual training and awareness to these attacks so that as a community we can combat and avoid any pitfalls. We would like to offer the following steps and advice that will allow us to deal with phishing attacks.

In a recent case, the email sent out appears to spoof the email address for notifications sent by one of your customers.

1. Evaluate the impact of the phishing attack.

If possible, it is good practice to determine how many of your customers/partners were affected by the attack. This is determined by the number of notifications you receive from users, a reply to a notification that is sent out to all your user base notifying them of the attack, or by noticing any scraping of publicly available information or lists.

2. Gather any forensic information to investigate source and shut down attack.

By getting the header information from the phishing emails, you can determine where the emails are originating and can file a complaint with the mail relaying host service and with the authorities. The reports and details we provide the authorities assist to increase awareness and expose tracking information to help find the originators of the scam.

3. Notify your user base to bring awareness and prevention techniques.

Preventing any impact to your system and partner accounts is the primary focus. This starts by communicating to your partners and customers and bringing awareness to the active attacks being seen. Point out techniques of how to detect and avoid falling into phishing traps. If there is evidence of an account compromise or as a

proactive strategy, this is a perfect time to suggest or require a user account password reset.

4. Train your user base on detecting phishing emails and identifying trusted.

Letting users know preventative actions such as how they should never click on strange links that do not have legitimate domains or appear odd in form. Make sure to hover over a link to see the genuine URL that a link will take you to. Be suspicious of shortened URLs like bit.ly links or tinyurls. Be very careful where you enter your credentials to any site. Make sure that the URL you are on is genuine and is spelled correctly. Many phishing attacks use slightly misspelled domains to trick a user. Try to use spam filters that are very effective in detecting phishing sites when updated regularly.

Together we can take steps to mitigate the impact these attacks have on our organizations. We hope that this presentation brings the appropriate awareness and allows you to prepare for any future phishing attacks

.

FRAGTEL CORP

CYBER SECURITY DIVISION -2018

fragtelcorp.com