Parks Zeigler, PLLC - Attorneys At Law

Elizabeth City, NC 252-679-8880
Virginia Beach, VA 757-453-7744
Chesapeake, VA 757-312-0211

Main navigation

Call
Contact
Blog

Lateral Phishing – Malevolent Emails From Trusted Accounts

Categorized: Cybersecurity and Data Privacy

There has been a lot of attention on the dangers and frequency of phishing attacks and the threat they pose for small businesses and our personal online identity. Phishing is a type of cyberattack in which a malevolent actor sends an email that appears to be from a legitimate source with the intent of doing harm (i.e. stealing information, holding information ransom, etc.)

Thankfully, the increased awareness of phishing has led to a decrease in the success of these attacks. In response, hackers have modified the practice and have started launching “lateral phishing” attacks.

What is lateral phishing?

Lateral phishing attacks come from compromised email accounts within an organization the recipient is a part of, or from accounts that the recipient knows personally. So instead of an email being sent from an unknown address that appears legitimate, lateral phishing emails come from accounts that the recipient knows to be legitimate (e.g. a co-worker, familiar vendors, or even personal friends). As a result, these types of attacks are almost always successful.

How To Protect Yourself and Your Business

It can be difficult to identify these attacks before becoming a victim. After all, if you see an email come in from a person you know, it most likely doesn’t trigger any suspicion. As lateral phishing attacks increase, users should be increasingly mindful and cautious.

CONTACT OUR EXPERIENCED VIRGINIA CYBERSECURITY ATTORNEYS

Contact us Today

There are three main strategies for protection:

  • Security Awareness Training: Training should occur regularly, as hackers are consistently updating their strategies. Precautionary measures developed in response to phishing will not prevent lateral phishing. If an email comes from a familiar address, the recipient should still check the legitimacy of links and files included in the email. Email the sender to double-check if they sent the email before opening links or downloading files. 
     
  • Advanced Detection Techniques: Business owners should prioritize security and invest in tools to help protect the integrity and security of their networks.
     
  • Two Factor Authentication: We’ve discussed 2FA in previous blogs. While some hackers have found ways to surpass this mechanism, it still offers protection if used properly in conjunction with other security measures that should be put in place and maintained.

The sooner you take steps to increase cybersecurity, the more prepared you’ll be when a threat arises. Contact our experienced Virginia attorneys today!

If you have any questions about security measures you can take to protect your accounts or small business, or if you believe you have been a victim of a cyberattack, please contact us by calling 888-691-9319, or fill out this short form to get started.

Visit these links for related information

Cybersecurity & Data Privacy
How Often Should I Update My Passwords?
Hacks From The Past Can Still Be A Threat Today

Reader Interactions

Post a Comment