Since March 2020, there has been a dramatic spike in the number of COVID-19-themed phishing attacks that capitalize on people’s anxiety to learn more about the pandemic. According to Barracuda Networks, there was a 667% increase in phishing attacks that use COVID-19 as a hook to distribute malware or scam users into revealing access credentials or private information.

Now SysCloud customers subscribing to our Safety, Security and Compliance app can configure a phishing policy to monitor a variety of phishing attacks that target Gmail users in their domain.

What types of phishing attacks are detected by the phishing policy?

The phishing policy feature can be customized to scan email inbox of select users, users belonging to an organizational unit or can be applied to your entire G Suite domain.

Once the policy is active, Gmail users are now protected from the following types of phishing attacks:

Brand impersonation attack

Brand Impersonation is a form of phishing attack where attackers pretend to be from a trusted brand/company to send out emails with malicious content. These emails resemble a well-known bank, credit card company, an e-commerce portal, or even a government agency.

Domain spoofing attack

Hackers buy domains that look similar to the domain of a known brand. This makes it easier for the hackers to carry out brand impersonation attacks. For example, fedexcares.com can be used to target FedEx customers who receive emails from fedexcare.com which is a legitimate domain.

Oauth attack

Oauth attacks involve phishing emails that target the authorization tokens by loading a malicious application URL into an email. Clicking on that URL will allow access to the Google account via the Oauth protocol.

Account takeover attack

Account takeover attacks are related to identity theft where attackers gain access to a user’s online credentials using fake URLs loaded in an email or in attachments.

Mass phishing attack

Mass phishing attacks are the emails sent to a group of people with some common interest based on their brand preferences and demographics.These emails are clones of transactional emails like receipts, payment reminders, or gift cards.

Spear phishing

Spear phishing emails are carefully designed to target a specific user in your domain. These attacks have a greater risk for the organization because the attackers do a complete social profile research about the target user and their organization to improve their chances of getting the user to take action.

Whaling

This technique targets C-suite posts like CEO, CFO, COO – or any other senior management positions, commonly known as “whales” in phishing terms.

Pharming

Pharming attack makes use of mis-configuration in a website’s redirection page either by changing the hosts file on a victim’s computer or by exploiting the vulnerability in order to redirect to a fake site.

How to activate the Phishing policy feature

Log into your SysCloud app and navigate to the Safety, Security & Compliance > Create Policy > Phishing. You can customize the policy to fit your organization’s needs from here.

Phishing policy template

To learn more about creating a phishing policy, please read our detailed Knowledge Base article:

How to create and manage the phishing policy for Gmail

 

Leave a Reply