Lateral Phishing – Malevolent Emails From Trusted Accounts

lateral-phishing
17 September
Categorized: Cybersecurity and Data Privacy

There has been a lot of attention on the dangers and frequency of phishing attacks and the threat they pose for small businesses and our personal online identity. Phishing is a type of cyberattack in which a malevolent actor sends an email that appears to be from a legitimate source with the intent of doing harm (i.e. stealing information, holding information ransom, etc.)

Thankfully, the increased awareness of phishing has led to a decrease in the success of these attacks. In response, hackers have modified the practice and have started launching “lateral phishing” attacks.

What is lateral phishing?

Lateral phishing attacks come from compromised email accounts within an organization the recipient is a part of, or from accounts that the recipient knows personally. So instead of an email being sent from an unknown address that appears legitimate, lateral phishing emails come from accounts that the recipient knows to be legitimate (e.g. a co-worker, familiar vendors, or even personal friends). As a result, these types of attacks are almost always successful.

How To Protect Yourself and Your Business

It can be difficult to identify these attacks before becoming a victim. After all, if you see an email come in from a person you know, it most likely doesn’t trigger any suspicion. As lateral phishing attacks increase, users should be increasingly mindful and cautious.

There are three main strategies for protection:

  • Security Awareness Training: Training should occur regularly, as hackers are consistently updating their strategies. Precautionary measures developed in response to phishing will not prevent lateral phishing. If an email comes from a familiar address, the recipient should still check the legitimacy of links and files included in the email. Email the sender to double-check if they sent the email before opening links or downloading files.
  • Advanced Detection Techniques: Business owners should prioritize security and invest in tools to help protect the integrity and security of their networks.
  • Two Factor Authentication: We’ve discussed 2FA in previous blogs. While some hackers have found ways to surpass this mechanism, it still offers protection if used properly in conjunction with other security measures that should be put in place and maintained.

The sooner you take steps to increase cybersecurity, the more prepared you’ll be when a threat arises. Contact our experienced attorneys today!

If you have any questions about security measures you can take to protect your accounts or small business, or if you believe you have been a victim of a cyberattack, please contact us by calling 888-691-9319, or fill out this short form to get started.

Visit these links for related information

Cybersecurity & Data Privacy
How Often Should I Update My Passwords?
Hacks From The Past Can Still Be A Threat Today

Get Started Now

Let Us Help! Call us on 888-691-9319 or fill out this quick form and we will contact you within 24 hours!

Parks Zeigler, PLLC – Attorneys At Law

Parks Zeigler, PLLC – Attorneys At Law N/a
VIRGINIA BEACH OFFICE
Address
4768 Euclid Road,
Suite 103
Virginia Beach, Virginia 23462
Map & Directions
Phone
757-453-7744
CHESAPEAKE OFFICE
Address
524 Albemarle Drive,
Suite 200
Chesapeake, Virginia 23322
Map & Directions
Phone
757-312-0211
ELIZABETH CITY OFFICE
Address
200 N. Water Street,
Suite 2A
Elizabeth City, NC 27909
Map & Directions
Phone
252-679-8880