Skip to content
Contact
Set Up A Call
  • Blog
  • Can You Spot a Cyberattack?
Share this post
Picture of Peter Samoray

Peter Samoray

Can You Spot a Cyberattack?

August 3, 2022
/
Cybersecurity

Phishing attacks have evolved over the years from ridiculously obvious to extremely sophisticated.

It’s been nearly 20 years since the Nigerian Prince scam arose. If only we had provided a small cash advance or bank account information to complete the wire transfer, we could have had millions of dollars unclaimed in a Western Union account he was willing to give us.

Today, attackers use political events, health crises, religious campaigns, romantic connections, governmental threats, fake Zoom meetings, fake job postings, and multiple other methods. These attacks are all designed to get us to provide information or finances we would normally never provide.

The public and private sectors have developed security awareness campaigns to educate employees and reduce the risk of these attacks. However, as one method becomes known, another new, creative, and slightly more malicious method arises to circumvent controls and negate some of the education on those attack methods.

Today, there needs to be constant learning and education on the latest tools and techniques used to attack an organization or individual. Sometimes that education needs to train people to think like malicious attackers to understand how an attack could occur.

This blog post will walk you through the steps of a cyberattack that could cause you or a coworker to click on a malicious link or attachment, creating a major data breach. We’ll start with the phases in which such an attack could occur, using Human Resources as our example.

Read our blog post, “How Can Generative AI Be Used in Cybersecurity?”

4 phases of a cyberattack

Phase one: planning/reconnaissance: In phase one, a malicious attacker researches a target company’s job posting for positions and skills required.

 

Phase two: preparation: A malicious attacker then creates a fictitious resume, profile, references, and photo on common job sites to create an exact match of skills to the position and replicates profile(s) on common social media sites to head off any cross-checking efforts.

 

Phase two: attack: A malicious attacker applies to the target company website and lures the company to contact the attacker through what appears to be an exact match of skills. So rather than going after the fish, you set the bait for the “phish” to swim anxiously toward you.

Next, the HR rep contacts the malicious attacker’s phone (often a burner or disposable phone),  hears a voice, and talks with the attacker about the position. The attacker has already researched and rehearsed the correct responses that the HR rep wants to hear.

Then, the HR rep requests the malicious attacker send a copy of their resume, which the attacker sends from a fictitious email address.

 
Fake Mail Generator
 

 

The HR rep receives an email with the fictitious name of the attacker (let’s use Jane Baid in this scenario) sent from the fictitious email address of the attacker ([email protected]) with the title of: “Jane Baid” Engineering Lead – Attached resume and social media reference.”

The HR rep feels a sense of trust based on the previous phone conversation and a short note from the attacker stating:

 

Dear (HR Rep Name),

I really enjoyed our conversation and have attached both my resume and link to my social media account as a further reference. Please let me know if you need any further information, and I look forward to speaking with you soon about the Engineering Lead position at (target company name).

Sincerely,

Jane Baid (Malicious actor’s fictitious name)

000-000-0000 – Malicious actor’s phone number from their burner or disposable phone

 

Phase four: acquisition. The HR rep, eager to pursue this promising candidate, has quickly clicked on the malicious attachment, which has now loaded sophisticated spyware that still appears like a resume to not arouse suspicion.

The HR rep also clicks on the malicious link containing malware that may go undetected and may also:

  • Send credentials and other information to the attacker
  • Harvest the contact list and send malicious links to those contacts
  • Provide the attacker with unrestricted access to the HR rep’s device(s)

Spotting a cyberattack

Although this cyberattack was muti-phased and highly sophisticated, you can still identify the signs of malicious intent if you look hard enough. Here’s how.

  • Hover over all links from [email protected].
  • Notice differences between what you think the link represents and where it may lead you.
  • Notice differences in domain names “Facebook1, Faceboook, T2witter.”
  • Trust but verify.
    • Unfortunately, things are not always the way they appear.
    • Ensure you can validate multiple sources of information (education, criminal history, credit checks, contacts, name, address, phone number) before initiating any document/correspondence exchange. Although some information can be falsified, you can detect most discrepancies with enough prior validation.
    • Malicious attackers use multiple methods to get people to click on a link or attachment or provide information they would normally not provide.
    • You should not trust what may appear legitimate until you have sufficiently validated information.
  • Conduct security awareness training and phishing simulation attacks of increasing sophistication and maliciousness.
    • Sometimes the tightest administrative and technical controls will not replace the basic human factor and motivators such as trust, greed, embarrassment, boredom, loneliness, addictions, and fear. We need to train people to be aware of these tactics and how to react when these attacks arise.

Best way to protect against cyberattacks

Having read this blog post, you may be several steps closer to protecting your organization from some of the more sophisticated, exceptionally malicious, multi-phased phishing attacks than you were 10 minutes ago before you read it.

However, there’s more.

One of the best ways to combat the most sophisticated phishing attacks, in addition to policy and technical controls, is to continuously and proactively learn about the latest phishing methods and educate yourself — and encourage your organization to pursue education — on how to recognize, react, and report.

Learn more about how PCI handles cybersecurity and request a slide deck from our webinar, “Evolving Cybersecurity Threats & Challenges to Public Power.” Request the slide deck here.

 

Picture of Peter Samoray

Peter Samoray

Peter has over 18 years of cybersecurity experience within multiple sectors, from automotive, defense, telecommunications, retail, consulting, and software development. Peter holds a BA in psychology from Wayne State University, an MS in information systems from the University of Detroit-Mercy, and a certificate in change leadership from Cornell University. Of late, his focus has been on improving the human factor of cybersecurity. Peter maintains the following certifications: CISSP, CISM, CISA, CIPP/US, CIPP/EU, and PMP.

Related blog posts

Loading...
open laptop
Feb 18
About Us,Cybersecurity

PCI Successfully Completes SOC/FISMA Examinations for 2024

Abstract image to help portray "secure code development training"
Feb 05
Cybersecurity

Secure Code Development Training: How to Reduce Risk & Build Secure Software

AI graphic to portray "How Can Generative AI Be Used in Cybersecurity?"
Apr 10
Cybersecurity

How Can Generative AI Be Used in Cybersecurity?

Related press

Loading...
open laptop
Feb 18
About Us,Cybersecurity

PCI Successfully Completes SOC/FISMA Examinations for 2024

Hector Hernandezcortes of PCI Energy Solutions receiving Iberdrola Mexico's prestigious award for Best Supplier in Innovation, Digitalization, and New Technologies at the company’s annual "Allies for the Green Industry" event in 2024
Nov 27
About Us,Customer Success,Mexico,Renewable Energy Trading

PCI Energy Solutions Named Best Supplier in Innovation, Digitalization, & New Technologies by Iberdrola Mexico

Oct 29
Hydrogen

Intermountain Power Agency Expands Hydrogen Storage Tracking Capabilities Using PCI Energy Solutions’ Platform

PCI Energy Solutions

PCI Energy Solutions

Also known as Power Costs, Inc.

Connect with us

U.S. 1+ 405.447.6933

Sales 1+ 405.701.7301

301 David L. Boren Blvd., Suite 2000
Norman, OK 73072

Contact us

We’re Hiring! 

Linkedin Twitter
  • Energy Trading and Optimization
  • ETRM
  • Wholesale Market Participation
  • Portfolio Optimization
  • Settlements and Billing
  • Gas & Fuels Management
  • Generation Outage Management
  • Company Type
  • Utilities
  • Generators
  • Traders
  • Renewable Energy
  • Asset Managers
  • Retailers
  • About
  • About Us
  • Leadership
  • Newsroom
  • Our Technology
  • PCI Insights
  • Cybersecurity
  • AWS Partnership
  • Careers

Subscribe to our newsletter

Subscribe
  • Transmission and Reliability
  • Transmission Outage Management
  • Transmission Scheduling
  • e-Tagging
  • Balancing Authority Operations
  • Energy Accounting
  • Settlements and Billing
  • Sustainable Energy
  • Renewables Trading & Scheduling
  • Energy Storage Optimization & Trading
  • Hydrogen
  • Hydropower
  • Carbon Intensity
  • Markets
  • North America
  • Latinoamerica
  • Europe
  • Australia
  • Thought Leadership
  • Blog
  • Webinars & Events
  • Newsletter
  • Case Studies
  • Customer Portal
  • INFOCUS Conference
  • Product Trainings
  • Product Documentation
  • Issue Tracker

© Power Costs, Inc. 2025 | All Rights Reserved.

  • Privacy Policy
  • Sitemap
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}

[gravityform id=”3″ title=”false” description=”false” ajax=”true”]

Request More Information

[gravityform id=”4″ title=”false” description=”false” ajax=”true”]

[gravityform id="11" title="false" description="false" ajax="true"]
Solutions

Energy Trading and Optimization

  • ETRM
  • Wholesale Market Participation
  • Gas & Fuels Management
  • Portfolio Optimization
  • Settlements and Billing
  • Generation Outage Management
  • ETRM
  • Wholesale Market Participation
  • Gas & Fuels Management
  • Portfolio Optimization
  • Settlements and Billing
  • Generation Outage Management

Transmission and Reliability

  • Transmission Outage Management
  • Transmission Scheduling
  • e-Tagging
  • Balancing Authority Operations
  • Settlements and Billing
  • Energy Accounting
  • Transmission Outage Management
  • Transmission Scheduling
  • e-Tagging
  • Balancing Authority Operations
  • Settlements and Billing
  • Energy Accounting

Sustainable Energy

  • Renewable Energy Trading & Scheduling
  • Energy Storage Optimization & Trading
  • Hydrogen
  • Hydropower
  • Carbon Intensity
  • Renewable Energy Trading & Scheduling
  • Energy Storage Optimization & Trading
  • Hydrogen
  • Hydropower
  • Carbon Intensity

Markets

  • North America
  • Latinoamerica
  • Europe
  • Australia
  • North America
  • Latinoamerica
  • Europe
  • Australia

Resources

Thought Leadership

  • Blog
  • Newsletter
  • Webinars & Events
  • Case Studies
  • ISO/RTO Documentation AI Chatbot
  • Blog
  • Newsletter
  • Webinars & Events
  • Case Studies
  • ISO/RTO Documentation AI Chatbot

Customer Portal

  • INFOCUS Conference 2025 Recap – 2026 Info Coming Soon!
  • Product Trainings
  • Product Documentation
  • Issue Tracker
  • INFOCUS Conference 2025 Recap – 2026 Info Coming Soon!
  • Product Trainings
  • Product Documentation
  • Issue Tracker

About Us

  • About
  • Leadership
  • Newsroom
  • Our Technology
  • PCI Insights
  • Cybersecurity
  • AWS Partnership
  • About
  • Leadership
  • Newsroom
  • Our Technology
  • PCI Insights
  • Cybersecurity
  • AWS Partnership

Careers

Contact Us