Fool me once, shame on you. Fool me twice, shame on me. We have all been duped at some level by devious on-line schemers. In the Cyber World, it sounds like old news. Phishing is a type of social engineering tactic where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker, then introduce malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim.
As of 2020, phishing is by far the most common attack performed by cyber-criminals, with the FBI's Internet Crime Complaint Center[1] recording over twice as many incidents of phishing than any other type of computer crime. Phishing is usually the first step for cyber criminals to place any number of malware, like trojans and the dreaded ransomware that has been plaguing all organizations at increasing rates in 2021.
Impersonation and credential harvesting attacks are most common among phishing attackers this year, according to new research. Avanan's https://www.avanan.com 2021 Global Phish Cyber Attack Report[2] finds credential harvesting is used in 54% of all phishing attacks and is up nearly 15% compared to 2019. Researchers additionally discovered that 20.7% of all phishing attacks are business email compromise (BEC), and only 2.2% are extortion.[3]
Analysis revealed the most targeted industries are IT, healthcare, and manufacturing. IT saw more than 9,000 phishing emails in a one-month span, out of an average of 376,914 total emails. Healthcare received more than 6,000 phishing emails, out of an average of 451,792 total emails; and manufacturing saw just under 6,000 phishing emails, out of an average of 331,184 total emails. Gaining personal identifying information (pii) for criminal fraudulent activity is often the motivation.
Don’t be fooled - Impersonation is the top technique among cyber fraudsters. In 51.9% of all impersonation emails, criminals attempted to impersonate a non-executive in the organization. Research identified that non-executives are targeted 77% more often than C-level execs. The most common tactic is using non-standard characters and limited sender reputation. Non-standard characters are used in 50.6% of phishing links and 84.3% of phishing emails do not have a significant historical reputation with the victim. So use scrutiny and question every emails you receive. Taking the extra few seconds to review can save you and your business from serious repercussions.
Employees of all levels should be trained to identify phishing attempts and participate in testing and ongoing training sessions. And use common sense.
- Always check the “From” address. If an email says it is from Apple or Bank of America but comes from, say, a Gmail account or an address with a foreign domain, it’s fake.
- Do mouse over links in suspicious emails to reveal the true destination. Pasting the URL into a safety checker such as VirusTotal or Google Safe Browsing can tell you if it presents a phishing or malware risk.
- Utilize anti-virus software and keep it up to date. Activate firewalls and other settings that block malicious files.
- Do vary the passwords on your online accounts, which can minimize the damage if you are phished or hacked. Change passwords immediately if you suspect a breach.
- Do not open attachments, no matter how attractive or important they may appear to be.
- If you receive a demanding email message from a member of senior management requesting a payment or funds transfer, call that person and confirm verbally before initiating any payments or credits.
At Red Sky Alliance, we can help cyber threat teams with services beginning with cyber threat notification services, analysis and the implementation of Data Driven Social Engineering Simulation Training from their partnership with Phin Security. https://www.wapacklabs.com/phinsecurity Our team members will be happy to hold a brief call with your team to help them better prepare for phishing, cyberattacks, malware and ransomware. And what if this call led to savings in current duplicated services and forecasted need for additional personnel?
Red Sky Alliance is in New Boston, NH USA and we are proud to be helping in the over-all cyber defense posture. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.
Interested in a RedXray subscription to see what we can do for you? Sign up here: https://www.wapacklabs.com/RedXray
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
[2] https://www.avanan.com/blog/avanan-releases-1h-2021-global-phish-cyber-attack-report
[3] https://beta.darkreading.com/attacks-breaches/impersonation-becomes-top-phishing-technique
Comments