Go back to all articles

The Sophisticated Phishing Hacks of Cybercriminals

Phishing

How to Escape the “Phishing Net” Successfully

Phishing is a top security concern among businesses and private individuals. With cyber-attacks on the rise, phishing incidents have steadily increased over the last few years. In 2021, phishing was the most frequently reported cybercrime in the US according to a survey conducted by Statista, and the main cause of over 50% of worldwide ransomware infections in 2020. For businesses, falling victim to phishing attacks can become very costly as the loss of credibility among customers and partners can be on the line.

While email is still the most common tool used for phishing, cybercriminals have stepped up their game, using more sophisticated methods. Their techniques go beyond sending emails and include clever social engineering strategies that are sometimes hard to expose. The goal of phishing attacks is to steal sensitive data, such as banking information and credit card details, or to commit identity theft by gaining access to online accounts or taking control of entire computers.

Luckily, you are not completely defenseless against online fraudsters. Certain strategies and tricks will help you to protect your data. Recognizing a phishing attempt when it happens is key to making sure your information doesn’t get stolen. Discover what strategies and technologies cybercriminals are using and learn how to spot different types of phishing instantly in case you ever get targeted. We explain how some cybercriminals misuse secure Remote Access Technology to launch phishing scams and what you can do to prevent falling victim to them.

Phishing Has Many Faces

Have you ever received a suspicious email in your inbox at work or home? Phishing emails claim to be from an official source, such as your bank, a social media site, your email provider, or your boss. They may contain fraudulent links to websites that might look legit at first glance but have only one purpose: to steal your information. With these phishing messages, cybercriminals try to get their hands on your login credentials or other personal or business-related data. Sometimes, there are even suspicious files attached to the email which could eventually install malware on your device.

Email phishing, however, is not the only gateway fraudsters use to gain access to information. Here are the most common phishing techniques of cybercriminals and valuable tips on how to tackle them.

URL Hijacking

A common trick of cybercriminals is the hijacking of URLs. This means that attackers register a new domain that is slightly misspelled compared to the official website they are trying to imitate. At first glance, the wrong URL often looks correct, and the misspelling goes unnoticed. But in reality, you are ending up on a fake website. Here is an example: Correct URL: thisisanexample.com vs. Hijacked URL: thisisanexampel.com.


We recommend: When you receive a link from a suspicious source via email or text message, we recommend you validate the sender and check the link carefully. Type the URL into your browser manually instead of simply clicking on the link. That way, you will quickly spot the misspelling in the URL and, with it, the scamming attempt.


Smishing

Text messages are another tool cybercriminals use to target their victims. This form of phishing is called SMS phishing, or smishing. Scammers send fraudulent links via SMS, often disguised as order confirmations or tracking updates. Needless to say, if you receive a text message asking you to track your order even though you haven’t ordered anything, you’re immediately alarmed. What if someone has stolen my data? Has one of my accounts been compromised and someone is now placing orders in my name? Scammers are well aware of this fear and misuse it as an instrument.

Once you click on the confirmation/tracking link, you could be redirected to a site that requires you to enter sensitive data, such as login credentials of a website you have an account with and supposedly ordered from. In some cases, you might be asked to download malicious apps that secretly install malware on your phone. This malware can be used to spy on devices.


We recommend: When you are unsure about the authenticity of a text message, run the SMS text through a search engine. Most likely, other people have received the exact same scam message and are already reporting it online. If you are not expecting any deliveries and haven’t ordered anything, chances are this could be a smishing attempt. Only click on links in text messages when you have actively signed up for SMS updates from your carrier. Don’t follow the call to download any unauthorized apps, as they might contain worms, viruses, ransomware, trojans, and other malicious signatures.


Vishing

Phishing can also happen in the form of phone calls. This method is called voice phishing, or short, vishing. Often, fraudsters spoof local phone numbers, making it seem as if a locally-based organization is calling you. The danger in this scenario: Regional phone numbers automatically make us question less if a call is legit or not. Eventually, it’s a local caller, isn’t it?

Some vishing attacks are easier to identify than others. In Germany, a wave of scam calls claiming to come from Europol recently tricked people into revealing personal data. Fraudsters informed their victims with a recorded announcement that their personal information had been stolen (which wasn’t the case) and that further steps for identity verification would be required. Trained to gain your trust, they will speak to you personally and might even know some private information about you.


We recommend: When in doubt, use a search engine to look up the phone number or organization calling you. Chances are, as with smishing, other people are already reporting similar cases online. When speaking to an actual person, ask questions only your real bank could know, for instance. To play it safe, ask for an official letter via mail. If this is really your bank or any other official business, it shouldn’t be an issue, right?


Pharming

In extreme cases, cybercriminals take over an entire DNS server. This phishing attack happens below the surface. They confiscate a legit domain to reroute traffic to a fake website. Often, these fake websites are a close replica of the original, making a pharming attack very difficult to detect. Imagine entering the known URL of your bank manually, but in the background, you are being redirected to a fraudulent site that is going to steal your login credentials.

Even though pharming attacks are rare, they can happen to anyone, and the damage caused can be severe. This happened in Venezuela in 2019, where fraudsters targeted a specific website that was part of a humanitarian aid campaign. Volunteers could sign up with their personal information (name, address, passport ID, etc.) to support the organization. However, all traffic to the site was redirected to a counterfeit twin, and, consequently, all data was stolen.


We recommend: What can you do against pharming attacks? Always check the sites you visit for an HTTPS connection. HTTP can indicate that the domain might not be safe, and you should refrain from entering any data. Always double-check links and URLs before you reveal any personal information. Using 2-Factor Authentication on all your accounts makes it harder for cybercriminals to hack into your profiles in case your data does get stolen. And, most importantly, choose a reputable internet service provider who filters out suspicious redirects for you.


Spear Phishing

One of the trickiest forms of phishing is called spear phishing. It is based a huge part on sophisticated social engineering methods, as with targeted vishing phone calls. Spear phishing attacks are aimed at a specific individual. Scammers can gather personal information about their target mostly through social media and business websites if this information is openly accessible. That way, they can impersonate a real person from the target’s family or business circle.

The most common fake stories are accidents that never happened or a personal financial crisis that does not exist. Eventually, these scammers will ask the target for monetary support via email, social media message, or phone, claiming to be a long-lost relative.


We recommend: Keep your social media accounts private. If you share information publicly, do so with a time delay and try to avoid showing too much of your private life. The identity of family members and close friends should always remain private. Protect yourself and your loved ones from getting spear-fished.


Whaling

Spear phishing of high company officials, such as CFOs for instance, is called whaling. Scammers truly hit the bullseye when they manage to get through to “the big fish”, or “the whale”, who has important financial information on a business. This can be targeted invoice scams disguised as legitimate claims from the company’s main supplier, or fake emails from colleagues asking for the company’s credit card details to pay an urgent bill. The damage caused in these cases can be financially severe.


We recommend: Generally, all employees of a business should receive special security training to prevent falling victim to phishing attacks, regardless of their role within the company. Special training should be given to important decision-makers who handle high financial responsibilities. Especially CFOs need to stay vigilant and should always reconfirm payment requests before acting.


How Scammers Exploit Secure Remote Access Technology

Phishing itself isn’t a new phenomenon. It has been around since the commercial use of the internet. Technology is constantly evolving, and so are the methods of cybercriminals. A digital, interconnected world makes it easier for fraudsters to gain access to sensitive information.

Sadly, there have been instances where scammers have abused Remote Access Technology as a potential tool to upscale their phishing attempts. With this misuse, they create the illusion that Remote Access Technology would be unsafe. Professional Remote Desktop Solutions, however, are secure tools for accessing devices remotely. For businesses, Remote Access Technology brings many advantages. It allows employers to offer Remote Work to their employees and gives IT departments the right basis for excellent IT support and administration.

It is important to understand that this type of software is made to fulfill even the strictest security guidelines. Remote Desktop Tools encrypt all data and offer the highest security standards to keep all outgoing and incoming connections safe from prying eyes. Allowing a cybercriminal to remotely access your device is always dangerous. So it is the misuse of this technology that is unsafe, not the product per se. It always depends on who you allow connecting to your device and what intentions that person really has.

Imagine creating a public profile on social media and sharing all kinds of sensitive information publicly. It is not the social media platform that is insecure, it is the way the platform is being used at that moment. Same with an internet router for instance. Imagine installing a new router at home but turning off all firewalls. The device isn’t the issue, but the way this technology is being put to use.

Staying vigilant and cautious in the online world is important. That also counts for the way we are using secure technologies. Carelessness can turn the safest tools into open portals for cybercriminals if we don’t pay attention.

An Example

We are aware that there have been instances where AnyDesk and tools from other Remote Desktop providers have been misused in phishing attempts. We do not tolerate the misuse of our product and are proactively fighting against scammers. Paired with social engineering techniques, cybercriminals might claim to be from your bank or internet provider, for example. They are likely to approach you via email or phone call, asking you to download a Remote Desktop Tool, so they can actively control your device and help you with an issue that, in reality, does not exist.

Scammers have recently tried to fool victims with a vishing attack, claiming that they were calling from Amazon. They spoofed local phone numbers and explained that the purpose of their call was to inform the victims that their Amazon accounts had been compromised. The scammers promised to solve the issue quickly if the victim downloaded a Remote Desktop Tool granting full access to their computer. In reality, the Amazon account had never been hacked, and the call was just a trick to gain unlimited access to the target’s device.


We recommend: Never give your AnyDesk ID to individuals you do not know and only download our product from our official website. Always reconfirm the authenticity of the person who wants to connect to your device. When in doubt, reject the incoming connection altogether. If someone wants to connect to your computer or smartphone, there is usually a reason for it, such as fixing IT issues. But if this reason doesn’t ring a bell, be extra cautious.

Professional IT businesses will not contact you out of the blue and urge you to download their software. Usually, the communication is initiated by you (the user or potential customer) by asking for a quote or testing a trial version. Sadly, scammers misuse our trust in professional software and renowned brands such as Microsoft, Amazon, or even AnyDesk for their mischievous intentions.


Added Security Layers Through Automation

Automation is making life easier than ever. Today, everything can be automated, from your preferred coffee strength in the morning to smart lights. When fighting phishing attacks, automation plays a crucial role as well, not just for companies but also for private individuals. Automation can prevent us from falling for spam emails, for example. When phishing emails can’t reach endpoint devices because they are automatically detected and blocked by spam filters, we speak of automation. To level up your cybersecurity, we recommend automating the following settings and processes:  

  • Staying up to date: With a big part of our lives taking place online, it is important to educate yourself continuously on the topic of cybersecurity. That way, we stay up to date with the methods cybercriminals are using. This can happen through blogs about online security or other relevant pages. Businesses should offer employees regular cybersecurity training, so that staff knows how to react in case they are being targeted. Today, education platforms automate most training by providing online modules and education plans.
  • Use spam filters for your email account. That way, suspicious email domains are automatically filtered out and blocked before they reach your inbox. Many private email service providers already have spam filters enabled automatically or offer the option to turn filters on and off. When emails slip through, you usually have the option to add them to a blacklist manually.
  • Install web filters or browser add-ons that block suspicious websites or links from being accessed.
  • Always keep your systems and software applications up to date. When there is a new system or software update available, do not postpone it, but run it immediately. That way, the latest security patches will be installed on your device.
  • Use Antivirus software and keep its signatures up to date. Phishing messages may contain malware. Your Antivirus program can detect malicious programs in case you accidentally install malware on your device and can help you to get rid of it.
  • Always use Multi-Factor-Authentication on all your accounts. In case your login credentials do get stolen, a second login layer can help to prevent hackers from getting into your accounts, so you have time to change your passwords.
  • Have a regular system backup available. Some malware hides behind the surface and affects your system at the roots. Your device can be monitored or even controlled without you noticing it. A backup point can help you restore your system to a point before it got infected.
  • Same as with email servers, AnyDesk provides a Whitelist that allows you to whitelist people (AnyDesk IDs) you know. That way, only the persons whitelisted can connect to your device. For businesses, whitelisting a Namespace adds additional security as only IDs that are part of that particular Namespace can connect.
  • For IT departments, Remote Desktop Tools like AnyDesk are especially useful as they allow admins to create Custom Clients that have certain privileges already preset to them. IT support can roll out incoming-only clients, for example, which ensures that nobody can take control of the support personnel’s device during a remote support session.
  • Another useful automation method for AnyDesk users is Permission Management. This feature allows users to preset certain access restrictions for anyone connecting to their device. Block your peripheral devices to make sure that nobody can control your mouse and keyboard from the distance.

Takeaways

Today, phishing is a major cybersecurity threat. While there are many different forms of phishing, such as smishing, vishing, or whaling, there is one thing most of these scams have in common: They are deceptive, socially engineered attempts to get access to sensitive data and, sometimes, even to devices and hard drives.

It is important to be aware of the methods these scammers are using. They can even infect your devices with malware, ransomware, and viruses to extort money from you or spy on you. In some cases, cybercriminals also misuse secure technologies and renowned, trusted company names to deceive their victims.

Good to know that you are not completely helpless against cybercriminals. If you follow the tips in this blog post, you are well prepared in case you ever become a target of a phishing attack. To stay vigilant when it comes to suspicious emails, phone calls, and requests, is the best protection against online fraud.

If you believe you have been scammed by cybercriminals misusing AnyDesk, please report your case and help us fight scammers so they don’t stand a chance of scamming others.

Read More

AnyDesk Scam Prevention

Learn what AnyDesk is doing to prevent online scams and how you can report your case.

Learn more

4 Questions Against Scams

Discover how 4 simple questions can reveal online scams quickly.

Learn more

Social Engineering

Find out what social engineering has to do with cybercrime.

Learn more

Sign up for news, tips and more