Phishing Is The Hackers' Favourite Tool

Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft, and other serious consequences. Phishing attacks use deception to trick people into giving away sensitive information or taking actions that compromise business security. 

Email phishing is the most common type of phishing technique and is ubiquitous for many users, who may receive numerous different ones every day. Typically, these emails inform the recipient that their account been a compromised in some way and requests an immediate by clicking on a provided link. 

Now, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly produced a Guide to help users protect themselves against phishing threats.

They explain that social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. 

Hackers use phishing for different malicious purposes:- 

Obtaining login credentials: Malicious actors conduct phishing campaigns to steal login credentials for initial network access. 

Malware deployment:   Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems. 

This is achieved using a range of different techniques:

  • Sending emails that look like they come from your boss, co-worker, or IT staff.
  • Using text messages or chat platforms to trick you into giving your login credentials.
  • Using Internet phone services to fake caller IDs makes you think they are calling from a legitimate number.

How your organisation can defend itself:-

  • Train yourself and others on how to spot and report suspicious emails.
  • Use Domain-based Message Authentication, Reporting, and Conformance (DMARC) for emails.
  • Set DMARC to “reject” for outgoing emails.
  • Monitor internal email and messaging traffic.
  • Use strong Multi-factor Authentication (MFA) for your credentials.
  • Check MFA lockout and alert settings.
  • Use Single Sign On (SSO) for centralised logins.

Phishing With Malware

This is a phishing attack where hackers pose as a reliable source and make you interact with malicious links or email attachments, which can run malware on your devices. The two most common techniques are:-  

  • Sending links or attachments that make you download malware.
  • Using smartphone apps and text messages to deliver malicious content.

There are several different methods of defending against these attacks  including:- 

  • Use Deny lists at the email gateway and firewall rules to block malware delivery.
  • Do not give users administrative rights.
  • Apply the principle of least privilege (PoLP).
  • Use application Allow lists.
  • Disable macros by default.
  • Use remote browser isolation solutions.
  • Use protective DNS resolvers.

 Reporting Phishing Incidents

If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyse and remove malware, and restore normal operations. Indeed, Reporting any phishing activity to relevant authorities is important in identifying and mitigating new threats.

Phishing attacks are a major threat, but with effective training, security measures, and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks. 

CISA:   Imperva:   Trend Micro:    Fortinet:    IT Governance:   Cybersecurity News:     

Image: Brian J Tromp

You Might Also Read:

The Latest Trends In Email Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Is OAuth Authentication Secure?
Increase Security For Your Enterprise Cloud With A Next-Generation Firewall »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

Smarttech247

Smarttech247

Smarttech247 deliver a range of cyber security solutions, including cognitive security services using IBM Watson for Cybersecurity, SIEM, Compliance & Governance, and Penetration Testing.

Navarino

Navarino

Navarino is the maritime industry’s most advanced communications and connectivity company. We develop advanced technologies and innovative IT solutions including cyber security.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

iNovex

iNovex

iNovex is a community of innovators that work together to solve hard problems. We partner with you to meet problems head-on and push boundaries with technology solutions.

HashiCorp

HashiCorp

At HashiCorp, we believe infrastructure enables innovation, and we are helping organizations to operate that infrastructure in the cloud.