A recent study showed that out of one billion email messages analyzed in a six-month period, dozens had been subject to "longline" phishing attacks. These attacks were so efficient that over 10% of the recipients were tricked into clicking on malicious content capable of taking complete control of PCs and compromising corporate networks.
Phishing refers to email fraud in which criminals send out legitimate-looking emails requesting personal and financial details from unsuspecting people. "Longlining" is a more sophisticated form of phishing, which draws its name from the fishing practice that deploys miles-long fishing lines with multiple hooks on them. By attaching bait to these hooks you can catch more fish with just one throw of the fishing pole. Longlining attacks are based on this idea.
How does longlining work?
In typical phishing attacks, scam messages are sent from one particular address, which can be easily blocked by spam filters. The new technique, longlining phishing, consists in the fact that the attackers vary the location the message is sent from, the email address and the content. This makes it very hard to set a filter to identify the messages as being scams.
How to protect yourself?
No matter how sophisticated these phishing methods become, there are a few steps that you can take to protect yourself from phishing attempts of any kind:
- Keep your internet settings to their default values set by Microsoft, unless advised otherwise by your internet service provider.
- Do not install any browser add-ons or plug-ins from untrusted sources.
- Learn to always open a website by pasting/writing its address into your browser window, and never to click on links received via emails from unknown people. If the address is suspicious, simply forward it to the Support Team of the security company whose security suite you’re using, or to the Support of the site you were trying to reach and ask for further advice.
- Install a good security suite. We can never be too careful with so much information and content. A good Safe Browsing plug-in will warn you about the site being suspicious.
- Do not open any kind of links/offers/attachments that you receive by email, before you check with the sender that the message is genuine.
- Ask yourself if any of your contacts would sent you a message that would say: “Hi, click here: http://linkfromphising”
- Make sure that you correctly configure your BullGuard Spamfilter and that you also mark Spam messages, to be added to the blacklist.
- Check out this antiphishing guide we have prepared for you: About phishing.
Better safe than sorry! Always put your best interest in the balance when anything seems out of order and double-check everything that’s related with your bank account and credit card number, or any other type of personal information.
BullGuard Internet Security 2013 comes with antiphishing protection, a Safe Browsing and a Spamfilter feature to protect from all those nasty phishing attempts. Try it now for 60 days, free!
Posted by Andreea Luciana Ostache