The number of phishing attacks is increasing because they are both easy to execute and highly effective. Even if the eventual goal of an attacker is an organization, attacks always begin by targeting individuals. Phishing attacks have been utilized to steal confidential information, compromise entire organizations, and perhaps even influence a Presidential election.
What is a phishing attack?
Phishing is a type of online attack where criminals send a fake email that appears to come from a legitimate source and asks you to click a link or download an attachment. The supposed source can be a bank, a credit card company, an email provider, or a popular service like Google, eBay, or Facebook.
Phishing campaigns can be extremely sophisticated, making use of highly personalized messages that appear to come from people you know, or companies you trust. Oftentimes, attackers will try to trick you into entering your password into a web page that appears legitimate but is actually a fraudulent site which is stealing your data.
Phishing attacks can also rely on malicious software. Instead of trying to trick you into entering your password, these attacks will try to trick you into clicking on a link to an infected website, or opening an infected file, or installing malicious software on your device. For example, an attacker pretending to be your bank might ask you to review recent transactions and send over a file of recent transactions. However, opening the file will install a virus on your computer.
Defending against email phishing attacks
Fortunately, it’s not difficult to defend against phishing attacks as long as you are vigilant and comply with the following rules. These rules are generally applicable and aren’t specific to ICTMail. But as you will see below, ICTMail has several additional anti-phishing protections built in, which make it much harder to become a victim.
Protect your email address
In order to start an attack against you, attackers must first know your email address. You can’t hide your address, but you can keep separate email addresses for different purposes. For example, don’t use the email address on your business card for your bank account, loan, or other sensitive accounts. Choose a secure, secret one.
With ICTMail you can use multiple addresses to keep your private address a secret. For example, if the address you use in public is firstname.lastname@example.org, you can create a second address email@example.com to use only for sensitive accounts like online banking. Thus, if somebody pretending to be your bank sends you an email to firstname.lastname@example.org, you can identify it as a phishing email because it was not sent to the address you use for your online banking.
Carefully verify the emails you receive
Always check that the sender is who they say they are. Phishing emails can usually be easily identified because they rarely get everything right:
The sender of the email will usually not be an official communication account. For example, a phishing email targeting ICTMail users might be sent from email@example.com.
The link contained in the phishing email will not be an official site either. For example, the link in the email might go to ictmai1.net instead of ictmail.net.
Emails can also appear to come from people that you know, but with subtle variations: firstname.lastname@example.org instead of email@example.com (can you see the difference?).
Note that these accounts and URLs will sometimes look deceptively similar to the real thing, so be sure to check them carefully!
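The look-alike check described above can be automated. The following is an added example, not ICTMail code: it flags sender and link hosts that imitate an official domain, using the article's ictmai1.net / ictmail.net pair. The substitution table, the two-label domain assumption and the sample message details are constructed for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL_DOMAINS = {"ictmail.net"}  # the article's example; use your provider's real domains
# Constructed, deliberately small table of look-alike substitutions (assumption).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("1", "l"), ("0", "o"), ("5", "s"))


def skeleton(domain):
    """Collapse look-alike characters so 'ictmai1.net' and 'ictmail.net' compare equal."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character additions or omissions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return 'official', 'lookalike' or 'unrelated' for a sender or link host."""
    host = host.lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    base = ".".join(host.split(".")[-2:])  # assumes two-label official domains
    for d in OFFICIAL_DOMAINS:
        if d in host:  # official name buried inside some other site's host name
            return "lookalike"
        if skeleton(base) == skeleton(d) or edit_distance(base, d) <= 1:
            return "lookalike"
    return "unrelated"


def check_email(sender, links):
    """List every sender/link host that is not an official domain."""
    hosts = [("sender", sender.rsplit("@", 1)[-1])]
    hosts += [("link", urlsplit(url).hostname or "") for url in links]
    return [(kind, h, classify(h)) for kind, h in hosts if classify(h) != "official"]


if __name__ == "__main__":
    # Constructed message details using the article's look-alike domain.
    links = ["https://ictmai1.net/login", "https://mail.ictmail.net/"]
    for finding in check_email("team@ictmai1.net", links):
        print(finding)
```

A host reported as "unrelated" is not proof of safety; it only means the name does not imitate one of the listed official domains.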
Keep in mind that communications from ICTMail will always come from one of the following Official ICTMail Accounts:
firstname.lastname@example.org and email@example.com
firstname.lastname@example.org and email@example.com
firstname.lastname@example.org and email@example.com
(Other accounts in use include firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org.)
ICTMail Email Phishing Protection
ICTMail provides additional anti-phishing protection with PhishGuard, a set of special features designed specifically to combat phishing.
Because sender email addresses can be spoofed (e.g. an email can appear to come from email@example.com but not actually be sent from there), ICTMail provides an additional way to help identify whether an email is legitimate.
If the person you are communicating with is also using ICTMail (or their email is hosted by ICTMail), your communication is transmitted securely.
Sender spoofing is NOT possible between ICTMail addresses or domains hosted by ICTMail.
This also means that if your organization’s emails are hosted by ICTMail, then for an email that shows an address from your organization as its sender:
The email was sent by another member of your organization.
The address is not spoofed (and therefore it is most likely not a phishing email).
These features mean the phishing risk for you or your business is greatly reduced if you are using ICTMail.
To further protect users, ICTMail also supports DMARC, which helps to identify emails that might be spoofed.
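A receiving server records the DMARC outcome in the standard Authentication-Results header (RFC 8601), so a spoofed sender can be spotted even when the visible From address looks right. The following is an added example, not ICTMail code: the authserv-id mx.ictmail.net, the address someone@ictmail.net and the message text are constructed placeholders.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Hypothetical authserv-id of your own receiving server (assumption, not from the article).
TRUSTED_AUTHSERV = "mx.ictmail.net"

# Constructed message template: the visible From always shows ictmail.net.
TEMPLATE = """\
Authentication-Results: {authserv}; dmarc={result} header.from=ictmail.net
From: "ICTMail Team" <someone@ictmail.net>
To: user@example.org
Subject: Verify your account

Please confirm your password.
"""


def dmarc_verdict(raw):
    """Return (From domain, DMARC result) using only results stamped by our own server."""
    msg = email.message_from_string(raw, policy=policy.default)
    from_domain = parseaddr(str(msg["From"]))[1].rsplit("@", 1)[-1].lower()
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = str(header).partition(";")
        server = (authserv.split() or [""])[0].lower()
        if server != TRUSTED_AUTHSERV:
            continue  # a sender can insert this header too; ignore results we did not write
        match = re.search(r"\bdmarc=(\w+)", results)
        if match:
            return from_domain, match.group(1).lower()
    return from_domain, "missing"


def looks_spoofed(raw):
    """Treat anything other than a trusted dmarc=pass as a possible spoof."""
    return dmarc_verdict(raw)[1] != "pass"


if __name__ == "__main__":
    cases = [("mx.ictmail.net", "pass"), ("mx.ictmail.net", "fail"), ("mx.unknown.example", "pass")]
    for authserv, result in cases:
        raw = TEMPLATE.format(authserv=authserv, result=result)
        print(authserv, result, "->", dmarc_verdict(raw), "spoofed?", looks_spoofed(raw))
```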
Protect your passwords
No organization in possession of sensitive data should EVER ask for your password via email. If you receive an unsolicited email asking you for your password, or with a link taking you to a suspicious-looking website asking you for your credentials, do NOT enter your password.
ICTMail will never send you unsolicited emails or other communication asking you for your ICTMail credentials. We may occasionally ask you for login details and information if you are experiencing a login problem, but only if you initiated communication with our support team.
What to do if you’ve been hacked
If you’ve fallen for a phishing scam, there are a few things you should do immediately to recover and protect your account.
Go to Settings -> Account and verify that the Reset/notification email has not been changed or added by the hacker.
On the same Account page, change your password.
Then go to Settings -> Security and enable two-factor authentication (2FA). This ensures that the hacker (and future hackers) cannot break into your account without also having access to your 2FA device.
You can also check your other settings to be sure nothing has been tampered with. For instance, an attacker might whitelist their own email addresses, add spammy links to your email signature, or set up auto replies to trick your contacts.
When in doubt, ask!
If you have any doubts about whether or not an email is legitimate, please ask and confirm with the person or company that supposedly sent it. In the case of a suspicious email that claims to be from the ICTMail Team, you can write to firstname.lastname@example.org and our security team will be able to advise you further.