Cyber Criminals Go Phishing

Uploaded on 2023-12-06 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Phishing is the most common form of cyber crime, with an estimated 3.4 billion spam emails sent every day. Phishing is a simple attack vector that enables cyber attackers to easily scale-up their attacks, customised for their intended targets, and penetarting network security.

Most attacks are launched with the aim of making web users believe that they are communicating with a trusted entity which compels them to share their personal, financial information which is then used for criminal purposes. Phishing costs Internet users billions of dollars every year. 

SANS Institute, a leader training and cyber security certification, recent;y published a report examining new  phishing trends, providing a powerful resource for organisations looking to defend themselves from  phishing attacks.  

One of the most common methods phishing attacks have largely aimed to infect victims' computers with malware and this continues to highly effective. However, as security defenses have become more adept, attackers have shifted their objectives.

SANS have identified three primary goals of phishing attacks 

Password Harvesting:   Phishers frequently attempt to trick individuals into clicking on a link that directs them to a fraudulent website designed to steal their login credentials. Once obtained, attackers can misuse these credentials to cause substantial damage while remaining undetected.

Phone-Based Attacks:   An increasing number of phishing attacks do not include links or attachments but focus on manipulating victims to call a specified phone number. Attackers employ social engineering tactics, such as emotional manipulation, to coerce individuals into revealing sensitive information, making unauthorised purchases, or transferring funds to attacker-controlled accounts. Although these attacks require significant effort, they can yield substantial financial gains.

Scams:    Many phishing emails now omit links or attachments and instead employ impersonation tactics to deceive recipients. These short, impersonating messages often imitate someone the victim knows or trusts, such as a boss, coworker, or a familiar company.  Business Email Compromise attacks exemplify this approach, in which attackers deceive victims into performing actions without the need for malicious links or attachments.

Understanding the different types of phishing attacks your organisation will encounter is crucial to implementing effective anti-phishing solutions.

Preventing Phishing Attacks

Educating your workforce on the most common indicators and clues of phishing attacks is essential. It's not feasible to train employees on every phishing attack and lure, as attackers continually adapt their tactics. 
Focus on the indicators that transcend the method or lures used by cyber criminals. These common indicators include:

Urgency:    Emails or messages that create a sense of extreme urgency, pressuring recipients to take hasty actions, often with threats of negative consequences, usually indicate a phishing attack. For example, fake messages from government agencies claim overdue taxes and potential legal consequences.

Pressure:    Messages that pressure employees to disregard company policies and procedures, pushing them to act inappropriately, are also a red flag. BEC attacks, which manipulate individuals into making unauthorized financial transactions, are a prime example.

Curiosity:    Emails or messages that exploit recipients' curiosity or offer enticing opportunities that seem too good to be true typically betray a phishing attack. Examples include messages claiming undelivered packages or refunds from well-known companies like Amazon.

Tone Discrepancy:    Emails or messages that appear from a known sender but exhibit a tone, wording, or signature inconsistent with the sender's typical communication style are usually phishing scams.

Generic Greetings:   Messages purportedly from trusted organizations but addressed with generic salutations such as "Dear Customer" instead of personalising the recipient's name indicate a potential phishing attempt.

Personal Email Addresses:    Emails that purport to come from legitimate sources but use personal email addresses (e.g., @gmail.com) rather than official company domains are often phishing. 

While these common indicators help protect against various phishing attacks, it's essential to avoid relying on outdated indicators:

Misspellings:   Poor spelling and grammar are no longer reliable indicators, as legitimate emails with errors have become common, and attackers increasingly produce well-crafted messages.

Hovering Over Links:    Hovering over links to check their legitimacy is not recommended, as it may require teaching recipients how to decode URLs, which can be confusing and technical. Many links are obfuscated by security solutions, and this method is difficult to employ on mobile devices.

As phishing attacks evolve, staying informed about emerging trends is vital for maintaining effective defenses. Threat actors are exploiting new modalities and goals, making it essential for organisations to educate their workforce about the evolving nature of these attacks. 

Understanding the most common phishing indicators and adapting to the changing landscape is crucial in the ongoing battle against cyber threats. By doing so, organisations can enhance their security posture and reduce the risks associated with phishing attacks.

SANS:    Arvix:     Mimecast:    Science Direct:     Tripwire:

Image: AbsolutVision

You Might Also Read:

BEC Attacks: Trends & Predictions For 2024:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible




 

« The End Of Crypto Currency
British Nuclear Power Facility Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Apcon

Apcon

Apcon's mission is to provide valuable network insights that enable security and network professionals to monitor, secure and protect their data in both physical and virtual environments.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

Elitecyber Group

Elitecyber Group

Elitecyber group is a team of Cyber Security recruitment experts who work for Cyber Security and Cyber Defence clients and candidates throughout Europe.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

VIRTIS

VIRTIS

VIRTIS' mission is to provide today's leading organizations peace of mind that their entire digital network perimeter is safe from hackers and data breach.

MyCena

MyCena

MyCena has developed a complete system of security, control and management for decentralised credentials.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Support Link Technologies (SLT)

Support Link Technologies (SLT)

Support Link Technologies are an IT Solutions Company committed to achieving customer satisfaction through excellent customer service.

DartPoints

DartPoints

DartPoints helps bridge the digital divide by delivering cloud, colocation, managed services + edge infrastructure.

XpertDPO

XpertDPO

XpertDPO provides data security, governance, risk and compliance, GDPR and ISO consultancy to public and private sector organisations.

Insight Enterprises

Insight Enterprises

Insight is a leading solutions integrator, helping you navigate today’s ever-changing business environment with teams of technical experts and decades of industry experience.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

SecurityStudio

SecurityStudio

SecurityStudio is a continuous cybersecurity risk management platform that allows decision-makers to quickly identify the most immediate threats and make confident risk informed decisions.

CyBourn

CyBourn

Cybourn's diverse offerings include engineering, analysis, product development, assessment, and advisory services in the cybersecurity space.