
How can users identify phishing techniques and fraudulent websites?

A Gmail phishing attack brought users to fake login pages designed to look like Google's. Expert Nick Lewis explains how users can prevent similar phishing attacks.

Wordfence, which makes a security plugin for WordPress, discovered a phishing technique targeting Gmail users that starts with an email sent to the target user's account that sends them to a fake login page designed to look like Google's. What are the indicators users can look for to confirm that a webpage is legitimate? Are there any tools or add-ons that can prevent these sorts of phishing techniques and attacks?

Phishing attacks continue to be among the most effective ways to compromise an enterprise.

Wordfence blogged about this early 2017 phishing technique, which targeted a confusing user interface issue in Chrome web browsers that could make a webpage appear to be Google's login page (the address bar featured accounts.google.com, leading users to believe it was authentic). Google has since addressed the issue.

Sometimes, the standard advice sounds trite, but may still be the only advice upon which we can reasonably agree. There are varying views in the security community about the value of security awareness and its effectiveness versus focusing efforts on using the company's budget for security tools. People continue to be victimized by phishing techniques, and as a security community, we need to make significant improvements to better protect people, along with reducing the cost incurred by enterprises from compromised accounts. The guidance Wordfence released about how to identify phishing techniques and fraudulent webpages is good, but we need to do more.

For this specific Gmail phishing attack, the location bar displays a data URL that includes a file, which is then opened in a new tab. Google released a Chrome web browser update that now displays a "not secure" message in the location bar whenever a data URL is displayed.

There are endpoint and network-based tools and cloud services that can help address phishing. Many web browsers and endpoint security tools already include some level of protection against phishing techniques. The Anti-Phishing Working Group has a lengthy sponsored tool list that includes many different classes of tools, ranging from attack detection to email filtering.

As part of your incident response process for phishing attacks, you could perform a root cause analysis to determine what security controls need to be improved to minimize the impact of a future phishing incident, and then find tools in that category to complement existing tools. 
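The data URL behavior described above lends itself to an email-filtering check. The following is an added example, not code from Wordfence, Google or the original article: it extracts link targets from an HTML message body and flags inline schemes such as `data:`, where any hostname in the URL is only text and not the page's origin. The function names and the sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Schemes that carry their content inline and therefore have no web origin.
INLINE_SCHEMES = {"data", "javascript", "blob"}
HOST_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)

class LinkCollector(HTMLParser):
    """Collect every href/src value found in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append(value.strip())

def classify(url):
    """Return (verdict, detail) for one link target."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme in INLINE_SCHEMES:
        # A hostname inside an inline URL is display text, not the origin.
        m = HOST_RE.search(url[len(scheme) + 1:])
        lure = m.group(0).lower() if m else None
        return ("suspicious", f"{scheme}: URL, embedded host text: {lure}")
    if scheme == "https" and parts.hostname:
        return ("ok", parts.hostname)
    return ("review", f"scheme={scheme or 'none'}")

def scan_email(html):
    """Classify every link in the message; returns (url, verdict, detail)."""
    collector = LinkCollector()
    collector.feed(html)
    return [(u, *classify(u)) for u in collector.links]

# Constructed sample message body (not taken from the real campaign).
SAMPLE = """
<a href="data:text/html,https://accounts.google.com/ServiceLogin">View file</a>
<a href="https://accounts.google.com/ServiceLogin">Sign in</a>
<a href="http://example.com/reset">Reset</a>
"""

if __name__ == "__main__":
    for url, verdict, detail in scan_email(SAMPLE):
        print(f"{verdict:10} {detail:55} {url}")
```
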


This was last published in June 2017
