Google teaches users to recognize phishing e-mail

    Despite the best efforts of information security specialists, cybercriminals still triumph in many cases. Theft of corporate secrets and personal information, sabotage of competing companies: these are just a few items from an extensive list of malicious actions. And no matter how well the network infrastructure is protected, a weak link remains, and it is the one that most often causes problems. That link is the human.

    The easiest way for a cybercriminal to get into a secure environment is to send a specially crafted message to an employee of the target organization. It can be from the boss, a partner, a client, and so on. The main element of such an e-mail is malware disguised as a document in the attachment, or a link to a malicious website. Google decided to teach its users to recognize problem messages.

    This week, the company published a peculiar questionnaire that lets participants find out, first of all for themselves, whether they are able to recognize a fake message. Phishing has been around for many years, and during this time cybercriminals have learned to work with filigree precision, creating fake messages that are very difficult to distinguish from real ones.

    The questionnaire was developed based on the results of trainings conducted by Google, Jigsaw, with 10,000 journalists, activists and politicians.

    In some cases, the messages shown in the test are “white”; in others, they are pure phishing. Some of them are exact copies of real phishing messages that attackers sent in 2017 and 2016 during major attacks.

    After each example, Google teaches how to recognize the signs of a problem message. Most often this means evaluating the links or attachments contained in the message body, or the sender's address. A link may look quite “white”, but it is constructed in such a way that clicking it opens a different URL.

    Jigsaw is a pilot Google project that allows you to evaluate and analyze a wide range of geopolitical issues in IT. In the past, the division's team has developed software that can detect trolls' messages, as well as an open-source VPN application. Jigsaw's inventory also includes a cloud service that helps filter insults.

    According to statistics, out of six recipients who were sent phishing emails, at least one will follow a malicious link with a probability of 80%. For 10%, the probability rises to 90%, and for 20 to almost 100%.

    Modern technologies allow attackers to send hundreds of thousands and millions of phishing messages. Some of them are blocked by anti-spam filters and telecommunications security systems. But many thousands get to their addressees.

    The cost of such an attack is low because cybercriminals use relatively simple tools, including publicly available ones. Of course, for tasks that are critical to them, attackers can use much more advanced tools. But in the general case they simply send out thousands and thousands of messages, some of which open the desired “Sesame” for the attacker.

    By the way, domestic financial and banking organizations have learned to defend well against phishing. While in 2017 attacks of this type brought the attackers more than 1 billion rubles, in the past year, 2018, they brought only 76.5 million.

    However, the scope of cybercriminals' work is constantly increasing. This activity is so intense that in Russia it led to tax breaks for banks. The Ministry of Finance recently published a letter stating that when funds are embezzled from a bank account, companies can count the resulting loss as an expense, thus reducing the base for calculating income tax.

    The growing number of hacker attacks against bank customers, including attacks in which the victim is sent a fake invoice from a partner's hacked mailbox, has led to tax breaks. A letter from the Ministry of Finance was published on the website, stating that when funds are embezzled from a bank account, companies can count the resulting loss as an expense, reducing the base for calculating income tax, Kommersant reports.

    The condition for counting the losses is a document from a state authority confirming the absence of perpetrators. The letter is a response to a request from a company from which money, both its customers' and its own, was fraudulently stolen. According to experts, the Ministry of Finance's explanation will help taxpayers who work in good faith. But there is a loophole: the victim and a counterparty can stage a "fake" hack, imitating a mail compromise followed by the subsequent cash invoice.
