Clone phishing is a subset of phishing. This refers to an email that has been cloned from the original message sent by the organization. The recipient may receive this type of email after the communication has started, or it may be unsolicited. Cloned emails appear legitimate and can trick the user into giving up information. A cyber attacker gains access to sensitive data through his fake website that looks identical to the original website. Clone phishing has become a cybersecurity threat and often targets famous people due to the increased interest in their affairs. For example, people who work in politics or large corporations are often targeted because clone phishing offers attackers the opportunity to learn financial information about these people’s activities inside and outside their organizations. The only difference between clone phishing and regular phishing attacks is that all the original data remains intact, but it has been duplicated.
Attackers use clone phishing because they will receive an automated congratulatory response from real employees at their target’s company after sending spam messages. By the time this email arrives, attackers have enough information about computers and Internet security protocols to create an effective online scam. The success of clone phishing attacks depends on how quickly the attacker can gain access to the target’s information before security officials realize the data has been compromised.
The appearance and format of clone phishing emails can vary depending on the sender’s goal. Some messages appear to be sent by a real person at the company, accompanied by copy and pasted content from a real message. Other fake emails include attachments that claim to contain important information, such as invoices or vehicle delivery notices. All of these messages try to trick users into thinking they are legitimate and should be opened immediately without further scrutiny.
Sent from an email address spoofed to obtain the original sender.
The attachment or link in the email is replaced with a malicious version.
This can be a resubmission of the original or an updated version of the original.
If the email seems strange in any way, contact the sender to confirm the legitimacy of the email.
If you’ve received an email from a source you know but it seems suspicious, contact the source with a new email address instead of clicking reply.
Scan all attachments for viruses or malicious code.
Check common links to make sure they don’t lead to fraudulent websites or dangerous code.
Check for spelling and grammar errors that could indicate the email is fraudulent or malicious. Also, keep an eye out for suspicious topics and captions.
Think before you act! Take enough time to carefully evaluate every email you receive before clicking on links or downloading attachments. For example, ask yourself: Does the order confirmation email you received correspond to a recent purchase? Do the sender and recipient addresses make sense?
Address bar spoofing: Watch for URLs and domain names that look like sites you visit frequently (instead of “apple.com,” it might say “acompany.com” or “a1company.com”).
SSL Certificate Errors: If there is no certificate, beware! Often these phishing clone sites don’t bother to get legitimate SSL certificates from trusted authorities because they know victims won’t verify.
HTTPS Everywhere: If your bank or email provider seems secure over HTTPS, it probably is too. But if you notice the absence of a “safe” icon in the address bar of your browser, be careful!
Browser plug-in detection: Some phishing clone sites may try to trick users by mimicking plug-in detection pages from popular websites and brands like PayPal and Google Docs so they can steal user data when victims enter their login details.
Custom error messages: The absence of custom error messages or general error messages can be a sign that a site is illegal.
Similar domain names: If you’re on loginpage.com instead of loginpage.bankofamerica.com, it might be suspicious.
Error pop-ups: Watch out for authentication error pop-ups when trying to navigate to a website, knowing something is wrong, it’s annoying, but don’t get distracted by them, as they can also potentially trick you into giving up your details if you don’t look first to the address bar.
Google Account Access: Be wary of any site that asks for your Gmail account information.
Implement a comprehensive, fully managed cloud-based email security solution. Investing in an advanced, multi-layered email security solution that prevents all malicious and fraudulent emails from reaching your inbox is the most effective way to prevent clone phishing and other dangerous social engineering and impersonation attacks.