Phishing Is The Hackers' Favourite Tool

Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft, and other serious consequences. Phishing attacks use deception to trick people into giving away sensitive information or taking actions that compromise business security. 

Email phishing is the most common type of phishing technique and is ubiquitous for many users, who may receive numerous different ones every day. Typically, these emails inform the recipient that their account been a compromised in some way and requests an immediate by clicking on a provided link. 

Now, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly produced a Guide to help users protect themselves against phishing threats.

They explain that social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. 

Hackers use phishing for different malicious purposes:- 

Obtaining login credentials: Malicious actors conduct phishing campaigns to steal login credentials for initial network access. 

Malware deployment:   Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems. 

This is achieved using a range of different techniques:

  • Sending emails that look like they come from your boss, co-worker, or IT staff.
  • Using text messages or chat platforms to trick you into giving your login credentials.
  • Using Internet phone services to fake caller IDs makes you think they are calling from a legitimate number.

How your organisation can defend itself:-

  • Train yourself and others on how to spot and report suspicious emails.
  • Use Domain-based Message Authentication, Reporting, and Conformance (DMARC) for emails.
  • Set DMARC to “reject” for outgoing emails.
  • Monitor internal email and messaging traffic.
  • Use strong Multi-factor Authentication (MFA) for your credentials.
  • Check MFA lockout and alert settings.
  • Use Single Sign On (SSO) for centralised logins.

Phishing With Malware

This is a phishing attack where hackers pose as a reliable source and make you interact with malicious links or email attachments, which can run malware on your devices. The two most common techniques are:-  

  • Sending links or attachments that make you download malware.
  • Using smartphone apps and text messages to deliver malicious content.

There are several different methods of defending against these attacks  including:- 

  • Use Deny lists at the email gateway and firewall rules to block malware delivery.
  • Do not give users administrative rights.
  • Apply the principle of least privilege (PoLP).
  • Use application Allow lists.
  • Disable macros by default.
  • Use remote browser isolation solutions.
  • Use protective DNS resolvers.

 Reporting Phishing Incidents

If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyse and remove malware, and restore normal operations. Indeed, Reporting any phishing activity to relevant authorities is important in identifying and mitigating new threats.

Phishing attacks are a major threat, but with effective training, security measures, and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks. 

CISA:   Imperva:   Trend Micro:    Fortinet:    IT Governance:   Cybersecurity News:     

Image: Brian J Tromp

You Might Also Read:

The Latest Trends In Email Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Is OAuth Authentication Secure?
Increase Security For Your Enterprise Cloud With A Next-Generation Firewall »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CERT-In

CERT-In

CERT-In is a functional organisation of the Ministry of Information & Electronics Technology, Government of India, with the objective of securing Indian cyber space.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

Red Balloon Security (RBS)

Red Balloon Security (RBS)

Red Balloon Security is a leading embedded device security company, delivering deep host-based defense for all devices.

SecuGen

SecuGen

SecuGen is a leading provider of advanced, optical fingerprint recognition technology, products, tools and platforms for physical and information security.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

PizzlySoft

PizzlySoft

PizzlySoft is a global company that is seeking convergence of network and security / software and hardware. We put our value on creating the best security.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Aquia

Aquia

Aquia are on a mission to enable innovation and drive transformative change to solve the world’s most pressing and complex cybersecurity challenges.

The Hacking Games

The Hacking Games

The Hacking Games' Mission is to inspire, educate and mobilise a generation of ethical hackers to make the world a safer place.

Kolide

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.