At Periscope Holdings, we work diligently to protect our customers and their data within our system. Unfortunately, we often see phishing attacks that try to lure agency customers and/or their supplier partners into providing their credentials, which the attacker then uses to gain access to our customers' Procurement Solutions or to other systems. We know that bringing attention to these attacks and providing some best practices for dealing with potential phishing attacks is the first step to protecting our customers. We encourage continual training and awareness of these attacks so that, as a community, we can combat them and avoid their pitfalls. We would like to offer the following steps and advice for dealing with phishing attacks.
1) Evaluate the impact of the phishing attack.
If possible, it is good practice to determine how many of your customers/partners were affected by the attack. You can estimate this from the number of notifications you receive from users, from replies to a notification sent to your whole user base alerting them to the attack, or by noticing any scraping of publicly available information or contact lists.
2) Gather forensic information to investigate the source and shut down the attack
By obtaining the header information from the phishing emails, you can determine where the emails originated and file a complaint with the mail relaying host service and with the authorities. The reports and details we provide to the authorities help increase awareness and expose tracking information that can lead to the originators of the scam.
3) Notify your user base to raise awareness and share prevention techniques
Preventing any impact to your system and partner accounts is the primary focus. This starts by communicating with your partners and customers and making them aware of the active attacks being seen. Point out techniques for detecting and avoiding phishing traps. If there is evidence of an account compromise, or simply as a proactive measure, this is the right time to suggest or require a user account password reset.
4) Train your user base on detecting phishing emails and identifying trusted emails
Let users know preventative actions, such as never clicking on strange links that do not have legitimate domains or that look odd in form. Hover over a link to see the genuine URL it will take you to. Be suspicious of shortened URLs, such as bit.ly or TinyURL links. Be very careful about where you enter your credentials. Make sure the URL you are on is genuine and spelled correctly; many phishing attacks use slightly misspelled domains to trick users. Use spam filters, which are very effective at detecting phishing sites when they are updated regularly.
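The following added example (not Periscope Holdings' code) shows how steps 2 and 4 above can be applied to a single suspected phishing message offline: it walks the Received: header chain to find the earliest relay and its IP, which is where a complaint to the relaying host would start, and it flags body links that use a URL shortener or a domain that differs from a trusted domain by only a character or two. The sample message, the IP addresses, the host names, the trusted-domain list and the shortener list are all constructed for illustration and are not from the original notice.

```python
"""Triage helpers for one suspected phishing email (added example).

Assumptions (constructed, not from the original notice): the sample message,
the TRUSTED_DOMAINS allowlist and the SHORTENERS list below are placeholders.
"""
import re
from email import message_from_string
from email.message import Message
from urllib.parse import urlparse

# Constructed sample message. Receiving servers prepend their Received: line,
# so the first Received: header is the most recent hop and the last one is the
# hop closest to the sender. The From: domain swaps an 'l' for an 'i'.
SAMPLE_MESSAGE = """\
Received: from mx.example-agency.gov (mx.example-agency.gov [192.0.2.10])
\tby inbox.example-agency.gov with ESMTP; Mon, 01 Jan 2024 09:00:00 +0000
Received: from relay.example.net (relay.example.net [198.51.100.7])
\tby mx.example-agency.gov with ESMTP; Mon, 01 Jan 2024 08:59:58 +0000
Received: from [203.0.113.45] (unknown [203.0.113.45])
\tby relay.example.net with SMTP; Mon, 01 Jan 2024 08:59:50 +0000
From: "Procurement Support" <support@exampie-procurement.com>
To: buyer@example-agency.gov
Subject: Action required: verify your account
Content-Type: text/plain

Your account will be locked. Verify now at
http://exampie-procurement.com/login or https://bit.ly/3abcdef
Official portal: https://example-procurement.com/help
"""

# Hypothetical allowlist and shortener list; replace with your own.
TRUSTED_DOMAINS = {"example-procurement.com", "example-agency.gov"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def received_chain(msg: Message) -> list:
    """Return the bracketed IP of each Received: hop, earliest hop first."""
    hops = msg.get_all("Received") or []
    chain = []
    for hop in reversed(hops):
        match = IP_RE.search(hop)
        chain.append(match.group(1) if match else None)
    return chain


def originating_ip(msg: Message):
    """The first hop with a parseable IP: the relay to report to."""
    for ip in received_chain(msg):
        if ip:
            return ip
    return None


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url: str) -> str:
    """Label a URL as trusted, shortener, lookalike of <domain>, or unknown."""
    host = (urlparse(url).hostname or "").lower()
    for trusted in TRUSTED_DOMAINS:
        if host == trusted or host.endswith("." + trusted):
            return "trusted"
    if host in SHORTENERS:
        return "shortener"
    for trusted in TRUSTED_DOMAINS:
        if 0 < edit_distance(host, trusted) <= 2:
            return "lookalike of " + trusted
    return "unknown"


def triage(raw_message: str) -> dict:
    """Parse a raw RFC 5322 message and return hops, origin and link verdicts."""
    msg = message_from_string(raw_message)
    body = msg.get_payload(decode=True).decode("utf-8", "replace")
    return {
        "hops": received_chain(msg),
        "originating_ip": originating_ip(msg),
        "sender": msg.get("From"),
        "links": {url: classify_link(url) for url in URL_RE.findall(body)},
    }


if __name__ == "__main__":
    report = triage(SAMPLE_MESSAGE)
    print("Earliest relay IP:", report["originating_ip"])
    for url, verdict in report["links"].items():
        print(f"{verdict:40s} {url}")
```

The Received: chain is only as trustworthy as the servers that wrote it; a sender can forge the lines below the first hop added by your own mail server, so the IP reported to a relaying host should be the one in the first Received: line that one of your servers wrote. The lookalike check deliberately compares the full host name, so a trusted domain nested under an attacker's domain still comes out as unknown rather than trusted.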
Together we can take steps to mitigate the impact these attacks have on our organizations. We hope that this notification brings the appropriate awareness and allows you to prepare for any future phishing attacks.