
All the Phish in the Sea

By Patrick Colford
Posted on August 21, 2014
Updated on April 10, 2020


Every week, we hear of new threats to computer security: Cryptolocker, Heartbleed, Zeus. With so many different names and kinds of threats, it can be daunting to keep track of all the different ways that a computer can be compromised. OpenDNS and our Umbrella Roaming Client are powerful security tools, but the best weapon in the fight against cybercrime is battlefield knowledge.

Some might call the comparison of malicious activity to warfare a little hyperbolic. Not long ago, bugs and viruses were the realm of bucktoothed hackers looking to annoy people or companies, and their authors were treated as nothing more than irritating teenagers with an internet connection, a computer, and some time to kill. But times have changed: malicious activity on the net isn’t a joke anymore, but a business. According to McAfee, malicious activity annually costs the world about $375 billion, at a conservative estimate. The FBI tells us that 18 computers get infected every second. OpenDNS’ security solutions help prevent malware and phishing attacks from affecting your computers, but knowing about the different threats is key.

Malware refers to any piece of malicious software, programs that are designed to impede or disrupt a computer’s standard operations. Previously, this was used mainly to refer to viruses, but as malware becomes more of an industry than a hobby, we see new variants emerging—including keyloggers, ransomware, and RATs. These threats vary in terms of what they do and the kind of damage they inflict, so I’ll go over them one by one.

Keyloggers are programs that run invisibly on your computer in the background. While running, keyloggers record all of your computer’s keystrokes and send them to the attacker. Though the attacker may get your benign search terms (I’ve searched for “cats” more times than I’d care to admit), they’ll also get your passwords and email addresses if you type them in. Because the keylogger is on your computer, those keystrokes are unencrypted and totally exposed to the program. Keyloggers can just as easily record your PIN or credit card information when using online shopping services or banking.

Whereas keyloggers hide in the background, ransomware is anything but subtle. These programs take your computer files, such as the photos from your last vacation, tax records for your business, or your favorite songs from this really rare album you have, and encrypt them, so that you cannot open them until a fee (the “ransom”) is paid. Some even offer technical support in helping you pay them. One famous example of this software is Cryptolocker, which earned its operators $30 million in 100 days.

Rounding out the list, RATs are what a lot of people think of when they imagine cybercrime. An acronym standing for Remote Access Trojan, these programs give the attacker root access to a computer, letting them remotely control all of the computer’s functions. They can move your cursor, see what windows you’re currently looking at, and much, much more. Having full access to your computer means they can do anything and everything they want with it.

Whereas malware is designed more to take advantage of your computer and its weaknesses, phishing attacks are designed to take advantage of you. A play on fishing, this sort of malicious behavior is meant to trick you into revealing sensitive or valuable information, such as your passwords, bank account number, SSN, or any other information you want to keep secret. One of the major differences between phishing and malware is that very few phishing attacks require you to download anything.

Nigerian Scamming Emails, alternatively called “419 attacks” (from the Nigerian Criminal Code about fraud) or “Nigerian Prince Emails”, are famous examples of phishing attacks. In these emails, the senders claim that they have a large amount of money held in trust because a wealthy relative died, and that they need a little bit more money to gain access to the larger sum. Perhaps they can’t afford the trip to the bank in the capital to claim it, or they may need to pay a “service fee” to the bank. However, this bank, and the larger sum, don’t actually exist. That doesn’t stop people from believing that if they wire some money to the sender, they’ll receive a payout at the end.

Similarly, there are many messages purporting to be from banks or email services like Google. In them, the sender warns that the victim’s account is in jeopardy. Maybe the account is about to be deleted, or it has been compromised. In any case, the sender has to “authenticate” that the victim is legitimate, and so requests the victim’s account information, including any passwords and mailing addresses. Email phishing attacks are very common because email is cheap, fast, and easily spoofable; it’s trivial to claim a sending email address such as “accounts@bankofamerica.com” or “customerservice@google.com” but receive the reply elsewhere.
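The mismatch described above, a trusted-looking From address with replies routed elsewhere, can be checked on the receiving side. The following is an added example, not part of the original post: the function names, the two-label `org_domain` shortcut and both sample messages are constructed for illustration, and it also reads the standard Authentication-Results header, which the post does not mention.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lower-cased domain of the first address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def org_domain(domain):
    # Assumption: the last two labels approximate the organisational
    # domain; a real filter would consult the Public Suffix List.
    return ".".join(domain.split(".")[-2:])

def spoof_indicators(raw_message):
    """Return the reasons a message's visible From address is suspect."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    if not from_dom:
        return ["From header has no parseable address"]
    findings = []
    # Replies or bounces going to a different organisation than the
    # one shown in From is the pattern the paragraph above describes.
    for header in ("Reply-To", "Return-Path"):
        other = domain_of(msg.get(header))
        if other and org_domain(other) != org_domain(from_dom):
            findings.append(f"{header} domain {other} != From domain {from_dom}")
    # Verdicts recorded by the receiving mail server, if present.
    for value in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value.lower()):
            if result == "fail":
                findings.append(f"{method}=fail")
    return findings

# Constructed sample messages (not real mail).
SPOOFED = "\n".join([
    "Return-Path: <bounce@mail-relay.example>",
    "Authentication-Results: mx.recipient.example; spf=pass "
    "smtp.mailfrom=mail-relay.example; dmarc=fail header.from=bank.example",
    "From: Account Security <accounts@bank.example>",
    "Reply-To: verify@mail-relay.example",
    "Subject: Your account will be deleted",
    "", "Please confirm your password.",
])
LEGIT = "\n".join([
    "Return-Path: <bounce@mail.bank.example>",
    "Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass",
    "From: Account Security <accounts@bank.example>",
    "Subject: Your monthly statement",
    "", "Your statement is ready.",
])
```

In the spoofed sample SPF passes because it is evaluated against the envelope sender's own domain; the From/Reply-To mismatch and the DMARC failure are what expose it.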

To learn more about phishing, check out the talk “Teach a man to phish” from fellow OpenDNSer Vinny Lariza, who recently presented at BSidesLV.

Learning about the different threats on the web is the best weapon in any person’s arsenal, but knowledge alone isn’t enough. Even the most careful people on the web still fall prey to attacks, which is why OpenDNS is here to help defend computers and their users.
