Phishing Is The Hackers' Favourite Tool

Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft, and other serious consequences. Phishing attacks use deception to trick people into giving away sensitive information or taking actions that compromise business security. 

Email phishing is the most common phishing technique and is ubiquitous for many users, who may receive numerous different examples every day. Typically, these emails inform the recipient that their account has been compromised in some way and request immediate action by clicking on a provided link.

Now, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly produced a Guide to help users protect themselves against phishing threats.

They explain that social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. 

Hackers use phishing for different malicious purposes:- 

  • Obtaining login credentials: Malicious actors conduct phishing campaigns to steal login credentials for initial network access.
  • Malware deployment: Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems.

This is achieved using a range of different techniques:

  • Sending emails that look like they come from your boss, co-worker, or IT staff.
  • Using text messages or chat platforms to trick you into giving your login credentials.
  • Using Internet phone services to fake caller IDs, making you think they are calling from a legitimate number.

How your organisation can defend itself:-

  • Train yourself and others on how to spot and report suspicious emails.
  • Use Domain-based Message Authentication, Reporting, and Conformance (DMARC) for emails.
  • Set DMARC to “reject” for outgoing emails.
  • Monitor internal email and messaging traffic.
  • Use strong Multi-factor Authentication (MFA) for your credentials.
  • Check MFA lockout and alert settings.
  • Use Single Sign On (SSO) for centralised logins.

Phishing With Malware

This is a phishing attack where hackers pose as a reliable source and trick you into interacting with malicious links or email attachments, which can run malware on your devices. The two most common techniques are:-

  • Sending links or attachments that make you download malware.
  • Using smartphone apps and text messages to deliver malicious content.

There are several different methods of defending against these attacks, including:-

  • Use Deny lists at the email gateway and firewall rules to block malware delivery.
  • Do not give users administrative rights.
  • Apply the principle of least privilege (PoLP).
  • Use application Allow lists.
  • Disable macros by default.
  • Use remote browser isolation solutions.
  • Use protective DNS resolvers.
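The first two gateway controls above, a deny list of malware-carrying attachment types and a deny list of known-bad sender domains, can be expressed as a simple screening step applied to each inbound message. The script below is an added example written for this article, not code from the original page or from any product it names; the deny-listed extensions are ones commonly blocked at gateways (executables, scripts and macro-enabled Office documents, which ties in with the "disable macros by default" advice), the sender domain `mail-example.invalid` is a constructed placeholder, and the sample messages are built inline with the standard `email` library rather than captured from real traffic.

```python
"""Screen inbound mail against attachment-type and sender-domain deny lists.

Added example using only the standard library; all sample data is constructed.
"""
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# File types that execute code directly or carry Office macros (commonly gateway-blocked).
DENIED_EXTENSIONS = {
    ".exe", ".scr", ".js", ".vbs", ".hta", ".lnk", ".iso",
    ".docm", ".xlsm", ".pptm",
}
# Constructed sender deny list; the .invalid TLD is reserved and never resolves.
DENIED_SENDER_DOMAINS = {"mail-example.invalid"}


def sender_domain(msg) -> str:
    """Extract the lowercase domain from the From: header ('' if none)."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def screen_message(raw: bytes) -> list[str]:
    """Return deny-list findings for one RFC 5322 message; empty list means it passes."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []

    domain = sender_domain(msg)
    if domain in DENIED_SENDER_DOMAINS:
        findings.append(f"sender domain on deny list: {domain}")

    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        # Test the final suffix so "invoice.pdf.exe" is caught as .exe.
        ext = "." + name.rsplit(".", 1)[1] if "." in name else ""
        if ext in DENIED_EXTENSIONS:
            findings.append(f"attachment {name!r} has denied extension {ext}")

    return findings


def build_sample(filename: str, sender: str) -> bytes:
    """Construct a test message with one binary attachment (sample data, not real mail)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your account has been suspended"
    msg.set_content("Please open the attached file to restore access.")
    msg.add_attachment(
        b"\x00placeholder-bytes",
        maintype="application",
        subtype="octet-stream",
        filename=filename,
    )
    return msg.as_bytes()


if __name__ == "__main__":
    samples = [
        ("invoice.docm", "billing@mail-example.invalid"),
        ("Photo.JPG.scr", "alice@example.com"),
        ("report.pdf", "alice@example.com"),
    ]
    for filename, sender in samples:
        result = screen_message(build_sample(filename, sender))
        print(f"{sender} -> {filename}: {result or 'pass'}")
```

A deny list only blocks what is already known to be bad, which is why the article pairs it with application allow lists and least privilege: a gateway check like this is the cheap first filter, not the last line of defence.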

Reporting Phishing Incidents

If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyse and remove malware, and restore normal operations. Reporting any phishing activity to the relevant authorities is also important in identifying and mitigating new threats.

Phishing attacks are a major threat, but with effective training, security measures, and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks. 


Image: Brian J Tromp
