Cisco Umbrella


All the Phish in the Sea

By Patrick Colford
Posted on August 21, 2014
Updated on April 10, 2020


Every week, we hear of new threats to computer security: Cryptolocker, Heartbleed, Zeus. With so many different names and kinds of threats, it can be daunting to keep track of all the different ways that a computer can be compromised. OpenDNS and our Umbrella Roaming Client are powerful security tools, but the best weapon in the fight against cybercrime is battlefield knowledge.

Some might call the comparison of malicious activity to warfare a little hyperbolic. Not long ago, bugs and viruses were the realm of bucktoothed hackers looking to annoy people or companies, and their authors were treated as nothing more than irritating teenagers with an internet connection, a computer, and some time to kill. But times have changed: malicious activity on the net isn’t a joke anymore, but a business. According to McAfee, malicious activity annually costs the world about $375 billion, at a conservative estimate. The FBI tells us that 18 computers get infected every second. OpenDNS’ security solutions help prevent malware and phishing attacks from affecting your computers, but knowing about the different threats is key.

Malware refers to any piece of malicious software, programs that are designed to impede or disrupt a computer’s standard operations. Previously, this was used mainly to refer to viruses, but as malware becomes more of an industry than a hobby, we see new variants emerging—including keyloggers, ransomware, and RATs. These threats vary in terms of what they do and the kind of damage they inflict, so I’ll go over them one by one.

Keyloggers are programs that run invisibly on your computer in the background. While running, keyloggers record all of your computer’s keystrokes and send them to the attacker. Though the attacker may get your benign search terms (I’ve searched for “cats” more times than I’d care to admit), they’ll also get your passwords and email addresses if you type them in. Because the keylogger is on your computer, those keystrokes are unencrypted and totally exposed to the program. Keyloggers can just as easily record your PIN or credit card information when using online shopping services or banking.

Whereas keyloggers hide in the background, ransomware is anything but subtle. These programs take your computer files, such as the photos from your last vacation, tax records for your business, or your favorite songs from this really rare album you have, and encrypt them so that you cannot open them until a fee (the “ransom”) is paid. Some even offer technical support in helping you pay them. One famous example of this software is Cryptolocker, which earned its operators $30 million in 100 days.

Rounding out the list, RATs are what a lot of people think of when they imagine cybercrime. An acronym standing for Remote Access Trojan, these programs give the attacker root access to a computer, letting them remotely control all of the computer’s functions. They can move your cursor, see what windows you’re currently looking at, and much, much more. Having full access to your computer means they can do anything and everything they want with it.

Whereas malware is designed more to take advantage of your computer and its weaknesses, phishing attacks are designed to take advantage of you. A play on fishing, this sort of malicious behavior is meant to trick you into revealing sensitive or valuable information, such as your passwords, bank account number, SSN, or any other information you want to keep secret. One of the major differences between phishing and malware is that very few phishing attacks require you to download anything.

Nigerian Scamming Emails, alternatively called “419 attacks” (from the Nigerian Criminal Code about fraud) or “Nigerian Prince Emails”, are famous examples of phishing attacks. In these emails, the senders claim that they have a large amount of money held in trust because a wealthy relative died, and that they need a little bit more money to gain access to the larger sum. Perhaps they can’t afford the trip to the bank in the capital to claim it, or they may need to pay a “service fee” to the bank. However, this bank, and the larger sum, don’t actually exist. That doesn’t stop people from believing that if they wire some money to the sender, they’ll receive a payout at the end.

Similarly, there are many messages purporting to be from banks or email services like Google. In them, the sender warns that the victim’s account is in jeopardy. Maybe the account is about to be deleted, or maybe it has been compromised. In any case, the sender has to “authenticate” that the victim is legitimate, and so requests the victim’s account information, including any passwords and mailing addresses. Email phishing attacks are very common because email is cheap, fast, and easily spoofable; it’s trivial to claim a sending email address as “accounts@bankofamerica.com” or “customerservice@google.com” but receive the message elsewhere.
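The spoofing pattern described above leaves traces in a message's headers. The following Python sketch is an added example, not part of the original post: it checks a constructed sample message for a reply address or envelope sender that differs from the claimed From domain, and for failed SPF/DKIM/DMARC results. The `mail-example.test` domains and function names are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not from the original post): the visible From
# claims a bank address while replies are routed to an unrelated mailbox.
SAMPLE = """\
From: "Bank of America" <accounts@bankofamerica.com>
Reply-To: verify-team@mail-example.test
Return-Path: <bounce@mail-example.test>
Authentication-Results: mx.example.test; spf=fail smtp.mailfrom=mail-example.test; dkim=none
To: victim@example.test
Subject: Your account is in jeopardy

Please authenticate by replying with your password.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoofing_signals(raw_message):
    """List the reasons the claimed sender of a message should not be trusted."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    signals = []
    # Replies going to a different domain than the one shown to the reader.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        signals.append(f"reply-to domain {reply_dom} differs from From domain {from_dom}")
    # Envelope sender (Return-Path) that does not match the visible From.
    path_dom = domain_of(msg.get("Return-Path"))
    if path_dom and path_dom != from_dom:
        signals.append(f"envelope sender domain {path_dom} differs from From domain {from_dom}")
    # Authentication verdicts recorded by the receiving mail server.
    auth = " ".join(msg.get_all("Authentication-Results") or []).lower()
    for check in ("spf", "dkim", "dmarc"):
        for token in auth.replace(";", " ").split():
            if token.startswith(check + "=") and token != check + "=pass":
                signals.append(f"{check} result is {token.split('=', 1)[1]}")
    return signals

if __name__ == "__main__":
    for reason in spoofing_signals(SAMPLE):
        print("suspicious:", reason)
```

Legitimate bulk mail often uses a different Return-Path domain, so treat these as signals to weigh together rather than as a verdict.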

To learn more about phishing, check out the talk “Teach a man to phish” from fellow OpenDNSer Vinny Lariza, who recently presented at BSidesLV.

Learning about the different threats on the web is the best weapon in any person’s arsenal, but knowledge alone isn’t enough. Even the most careful people on the web still fall prey to attacks, which is why OpenDNS is here to help defend computers and their users.
