NuHarbor Security
  • Solutions
    Solutions
    Custom cybersecurity solutions that meet you where you are.
    • Overview
    • Our Approach
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • By Business Need
      • Identify Gaps in My Cybersecurity Plan
      • Detect and Respond to Threats in My Environment
      • Fulfill Compliance Assessments and Requirements
      • Verify Security With Expert-Led Testing
      • Manage Complex Cybersecurity Technologies
      • Security Monitoring With Splunk
    • By Industry
      • State & Local Government
      • Higher Education
      • Federal
      • Finance
      • Healthcare
      • Insurance
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Services
    Services
    Outcomes you want from a team of experts you can trust.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Security Testing
      • Penetration Testing
      • Application Penetration Testing
      • Vulnerability Scanning
      • Wireless Penetration Testing
      • Internal Penetration Testing
      • External Penetration Testing
    • Assessment & Compliance
      • CMMC Compliance
      • NIST 800-53
      • HIPAA Security Standards
      • ISO 27001
      • MARS-E Security Standards
      • New York Cybersecurity (23 NYCRR 500)
      • Payment Card Industry (PCI)
    • Advisory & Planning
      • Security Strategy
      • Incident Response Planning
      • Security Program Reviews
      • Security Risk Assessments
      • Virtual CISO
      • Policy Review
    • Managed Services
      • Curated Threat Intelligence
      • Managed Detection and Response (MDR)
      • Sentinel Managed Extended Detection and Response (MXDR)
      • SOC as a Service
      • Splunk Managed Services
      • Tenable Managed Services
      • Vendor Security Assessments
      • Vulnerability Management
      • Zscaler Support Services
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Partners
  • Resources
    Resources
    Explore reports, webinars, case studies, and more.
    • Browse Resources
    • Consultation Icon Consult with an expert
    • Blog icon Blog
    • Podcast icon Podcast
    • Annual SLED CPR icon Annual SLED CPR
    • Downloadable Assets icon Downloadable Assets
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Company
    Company
    We do cybersecurity differently – the right way.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Leadership
    • News
    • Careers
    • Contact
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Consult with an expert
  • Client support
  • Careers
  • Contact
1.800.917.5719
NuHarbor Security Blog
    • Compliance
    • Cybersecurity Technology
    • Security Operations
    • Industry Insights
    • Security Testing
    • Advisory and Planning
    • Application Security
    • Managed Detection and Response
    • Threat Intelligence
    • NuHarbor
    • Managed Services
    • Cyber Talent
November 21, 2014

Get Informed: Learn About Phishing Attacks

Justin Fimlaid Justin Fimlaid

By: Tony Sweet

Phishing attacks are one of the most common attack vectors that attempt to compromise your personal data. Phishing is not very expensive or time intensive which makes it so popular among cybercriminals.

What is a Phishing Attack?

Phishing attacks are usually in the form of a spoofed email or website. The attacker usually copies a reputable website such as a bank and then sends an email appearing like it is from a reputable source with links that redirect the unsuspecting user to their website. The email usually has some sort of urgency such as “Your account could be compromised, click here to review your recent transactions.” When a user clicks the link they are directed to what appears to be their bank but in reality is the cybercriminals similar looking website. If the user enters their credentials to log in, it will send those credentials to the attacker, thus compromising your personal data.

Other examples of this are fake order forms trying to compromise your credit card, social security number, or other confidential information. The attack can also try to collect information about your computer system, or infect it with malware.

How Can I Identify a Phishing Attack?

Anti-Virus software does not protect you from most phishing attacks. It is up to the user to learn how to spot phishing attacks and protect their own personal data.

Phishing Links are disguised as a reputable link that actually redirects the user to a different page. These are commonly found in Emails and on Social Media.

Spoofed Website's can look like a reputable site that you use (Facebook, LinkedIn, Banking Websites, etc.) but have slightly altered URL’s. For instance you could think you’re on facebook.com because it looks just like Facebook but in reality you are on faceb00k.com (zeros instead of o’s). Once you enter your login information it sends your information to the cybercriminal and redirects you to the real website. They cannot fully compromise your account, and possibly more if you use the same email and password on multiple accounts.

 

Spoofed Email’s appear to come from an authority’s source but are usually generic in nature. A common example would be receiving an email from your IT department about a recent virus, and directing you to click a link in order to protect your computer. IT departments would every ask you to do this yourself.

What Should I do if I am Phished?

If you have been phished you should change your passwords, contact your credit card company and request a new card, and monitor your credit score if your social security number has been compromised.

Protect yourself by using different passwords on every site, especially financial services such as online banking accounts, investment accounts, or e-commerce accounts. Password managers such as LastPass and KeePass can help maintain multiple passwords in a secure way.

Justin Fimlaid
Justin Fimlaid

Justin (he/him) is the founder and CEO of NuHarbor Security, where he continues to advance modern integrated cybersecurity services. He has over 20 years of cybersecurity experience, much of it earned while leading security efforts for multinational corporations, most recently serving as global CISO at Keurig Green Mountain Coffee. Justin serves multiple local organizations in the public interest, including his board membership at Champlain College.

Related Posts

Industry Insights 4 min read
CISO Security Metrics: Proving Business Value Read More
Compliance 1 min read
MARS-E 2.0: Key Dates for Compliance Read More
Compliance 3 min read
Do I Need a SOC2 Report? Read More

Subscribe via Email

Subscribe to our blog to get insights sent directly to your inbox.

Subscribe Here!

Latest Pwned episodes

Episode 200 - Reflections of Pwned...Until Next Time
April 03, 2024
Episode 200 - Reflections of Pwned...Until Next Time
Listen Now
Episode 199 - When a BlackCat Crosses Your Path...
March 21, 2024
Episode 199 - When a BlackCat Crosses Your Path...
Listen Now
Episode 198 - Heard it Through the Grapevine - Beyond the Beltway, 2024
March 08, 2024
Episode 198 - Heard it Through the Grapevine - Beyond the Beltway, 2024
Listen Now
NuHarbor Security logo
NuHarbor Security

553 Roosevelt Highway
Colchester, VT 05446

1.800.917.5719

  • Solutions
  • Services
  • Partners
  • Resources
  • Company
  • Contact
  • Privacy Policy
Connect
  • Twitter
  • Linkedin
  • YouTube
©2025 NuHarbor Security. All rights reserved.