Contact us today!
561-795-2000 
844-795-2001

FRS Pros Blog

When the People You Trust Phish You

When the People You Trust Phish You

Having success in business often relies on developing trustworthy relationships. You have to trust your vendors and suppliers to get you the resources you need, you need to trust your staff to complete their tasks without putting your business in harm's way, and you need to trust your customers to buy the products and services that you offer. Running counter to these necessary bonds of trust are people actively soliciting people’s time, energy, money, and attention for their own selfish purposes.

Cybercriminals don’t care what kind of good will you’ve forged, all they want is your data or access to your network. This blind determination is a major threat to businesses like yours. One of the most prevalent scams is what is called a Display Name Spoof. It isn’t just your regular phishing scam, and today, we’re going to teach you everything you need to know to ensure that you aren’t a cybercriminal’s next victim.

What is Display Name Spoofing?

Display name spoofing is a spear phishing tactic where hackers will target an individual—who typically has access to the network or resources that the hacker wants access to—and sends them a vaguely worded email that is seemingly sent from a trusted source, often an authority figure. Since the email address and title look legitimate, subordinates who forsake security for alacrity can put your whole business in jeopardy.

It works like this: Many professional emails will have a signature. Display name spoofers use  this to their advantage. What they will do is target a person, research them to find someone that could potentially get them to act impulsively, and use that information to phish the user. Below is an example of a display name spoof phishing attempt:

As you can see, the only thing that looks illegitimate here is the actual email address and since some email clients don’t actually show the address by default, you wouldn’t blame a dutiful employee for following the instructions in the spoofed email. 

What Can You Do to Combat Display Name Spoofing? 

At your business, you have cameras, You have locks on the doors. You’ve developed secure access control procedures to ensure your employees have the authorizations they need to do their jobs. Why would your strategy change when aiming to protect your business’ most important asset? 

Just like with physical security, you need a strategy to protect your digital assets. Part of that strategy has to confront the fact that your business is going to get phished and that it is your responsibility to ensure that your employees are well trained, and therefore knowledgeable about how to identify and respond to these situations. 

Here are a few tips on how to ascertain if a message is legitimate:

  • Thoroughly inspect both the name and sender’s email address before you take action.
  • Check the content for misspellings or completely incorrect uses of grammar.
  • Consider if the sender would send a message asking you to take cavalier action.
  • Consider if the sender would ask you to send them authorization credentials through email.

If there is any reason that the recipient has a notion that the email is not legitimate, implore them to verify. Getting a verification of the email’s legitimacy typically takes minutes and can really help eliminate the risks that display name spoofing can bring to your business.

If you need help understanding how to identify phishing tactics, train your employees to do the same, and knowing what steps to take when you realize you are dealing with a phishing attack, contact the IT professionals at FRS Pros today at 561-795-2000.

Four Key Components of Successful Network Security
Paying a Ransom Demand Could Get Even More Expensi...

By accepting you will be accessing a service provided by a third-party external to https://frspros.com/

Mobile? Grab this Article!

QR-Code

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Privacy Hackers Internet User Tips Software Google Cloud Efficiency Innovation Hardware Microsoft Data Email Smartphones Hosted Solutions Business Management Computer Workplace Tips Mobile Devices Business Communication Windows 10 IT Support Tech Term Malware Android Small Business Data Backup Cybersecurity Backup IT Services VoIP Disaster Recovery Smartphone Data Recovery Collaboration Browser Outsourced IT Users Office 365 Upgrade Phishing Gadgets Communications Windows Internet of Things Ransomware Information Miscellaneous Cloud Computing Covid-19 Apps Quick Tips Cybercrime Business Continuity Data Security Saving Money Network Operating System Passwords Managed IT Services Automation Social Media Managed Service Facebook Mobile Device Management Health Wireless Microsoft Office Mobile Device Server Alert Information Technology Law Enforcement Blockchain Employer-Employee Relationship Two-factor Authentication Vulnerability Save Money OneNote Money Artificial Intelligence Conferencing Mobile Office Managed IT Services Managed IT IT Support Best Practice Spam Applications Chrome Networking Virtualization Holiday HIPAA Project Management Patch Management Managed Service Provider Wi-Fi Telephone Systems Tech Support Bandwidth Data Breach Unsupported Software Augmented Reality BYOD BDR Password Access Control App Printing Router Bring Your Own Device Hacking Google Drive Settings Gmail Windows 10 Data Storage Retail Battery Computers WiFi Word Windows 7 Wireless Technology Government Business Technology Audit Data Management Meetings Google Docs Software as a Service Remote Data Protection Wireless Charging Devices Robot Hard Drive Display Productivity Human Resources Update Shortcut Sports Cost Management Politics YouTube Remote Workers IT Management The Internet of Things Payment Cards Marketing VPN iPhone Travel Commerce Telephony WannaCry Management History File Sharing Excel Apple Fraud Sales Mobile Security Training Evernote Application SaaS Hosted Solution Vendor Proactive IT Google Assistant Avoiding Downtime Mobility User Error Search Encryption Hybrid Cloud Touchscreen Safety Cortana Voice over Internet Protocol Paperless Office Data Loss Risk Management Budget Going Green Social Adobe Workers Point of Sale Gamification Keyboard Shortcuts Unified Threat Management Workstation Legislation Language eCommerce Accessory Smartwatch Entertainment Administrator 5G Virtual Private Network Solid State Drive Keyboard Hosted Desktop Root Cause Analysis Humor Windows Ink Identity Theft Streaming Media Virtual Assistant E-Commerce Processor Emails Regulations Compliance Cast Gifts Computing Lithium-ion battery Licensing Updates Office Memory Development Upgrades Telework Comparison Testing Fiber Optics Computer Fan Computer Forensics Peripheral Server Maintenance Remote Work Personal Information Microsoft Excel IT budget Access Hard Disk Drive Innovations Outlook Smart Devices Google Maps Spyware Vendor Management Chromecast Alexa for Business Benchmarks Policy Credit Cards App store Chromebook Co-Managed Services Microsoft Word Scam Financial Payroll Micrsosoft Audits Reputation Specifications Virus Camera Holidays Education Investment Net Neutrality Internet Exlporer Employees Managed IT Service Remote Working IT Solutions Data storage Telephone Sabotage Troubleshooting Samsung Employee Myths Webinar Procedure Remote Computing Tablets Maintenance Security Cameras Business Intelligence Consultant Solutions Proactive Uninterrupted Power Supply Projects Copiers PowerPoint Admin ROI Internet Service Provider Remote Monitoring Storage Social Engineering Legal OneDrive Managed Services Provider Reviews Sync Hyperlink PC CRM Edge Antivirus Compliance Break/Fix Threats IT solutions Video Conferencing FAQ Laptop NFL eWaste Machine Learning Digital Signage Printer Transportation Websites Identity Printers Inventory Files Wireless Internet Saving Time Windows Server 2008 R2 Private Cloud Identities DDoS Employee-Employer Relationship Facebook Privacy iOS WIndows Server 2008 Disaster Value Wasting Time AI Ciminal Recovery Medical IT Scams Windows 10s Organization HBO Charger Instant Messaging Hacker Computer Care Nanotechnology Touchpad Device Security Amazon Downtime Firewall PCI DSS Screen Mirroring Data Theft Emergency Data Privacy Scalability Analytics Twitter HaaS End of Support Relocation Black Market Cleaning Automobile Big Data Thank You Managing Stress USB Worker PDF How To Books Congratulations Hiring/Firing Cache Mobile Computing Video Games Experience es Work/Life Balance Virtual Reality Text Messaging Crowdsourcing Employer Employee Relationship Current Events Electronic Medical Records Monitors Benefits Phone System Television CrashOverride Save Time Office tips Computer Accessories Company Culture Smart Technology Flexibility Music Advertising Regulation Communitications