Phishing Is The Hackers' Favourite Tool

Uploaded on 2023-11-06 in TECHNOLOGY--Hackers, FREE TO VIEW

Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft, and other serious consequences. Phishing attacks use deception to trick people into giving away sensitive information or taking actions that compromise business security. 

Email phishing is the most common type of phishing technique and is ubiquitous for many users, who may receive numerous different ones every day. Typically, these emails inform the recipient that their account been a compromised in some way and requests an immediate by clicking on a provided link. 

Now, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly produced a Guide to help users protect themselves against phishing threats.

They explain that social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. 

Hackers use phishing for different malicious purposes:- 

Obtaining login credentials: Malicious actors conduct phishing campaigns to steal login credentials for initial network access. 

Malware deployment:   Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems. 

This is achieved using a range of different techniques:

  • Sending emails that look like they come from your boss, co-worker, or IT staff.
  • Using text messages or chat platforms to trick you into giving your login credentials.
  • Using Internet phone services to fake caller IDs makes you think they are calling from a legitimate number.

How your organisation can defend itself:-

  • Train yourself and others on how to spot and report suspicious emails.
  • Use Domain-based Message Authentication, Reporting, and Conformance (DMARC) for emails.
  • Set DMARC to “reject” for outgoing emails.
  • Monitor internal email and messaging traffic.
  • Use strong Multi-factor Authentication (MFA) for your credentials.
  • Check MFA lockout and alert settings.
  • Use Single Sign On (SSO) for centralised logins.

Phishing With Malware

This is a phishing attack where hackers pose as a reliable source and make you interact with malicious links or email attachments, which can run malware on your devices. The two most common techniques are:-  

  • Sending links or attachments that make you download malware.
  • Using smartphone apps and text messages to deliver malicious content.

There are several different methods of defending against these attacks  including:- 

  • Use Deny lists at the email gateway and firewall rules to block malware delivery.
  • Do not give users administrative rights.
  • Apply the principle of least privilege (PoLP).
  • Use application Allow lists.
  • Disable macros by default.
  • Use remote browser isolation solutions.
  • Use protective DNS resolvers.

 Reporting Phishing Incidents

If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyse and remove malware, and restore normal operations. Indeed, Reporting any phishing activity to relevant authorities is important in identifying and mitigating new threats.

Phishing attacks are a major threat, but with effective training, security measures, and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks. 

CISA:   Imperva:   Trend Micro:    Fortinet:    IT Governance:   Cybersecurity News:     

Image: Brian J Tromp

You Might Also Read:

The Latest Trends In Email Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Is OAuth Authentication Secure?
Increase Security For Your Enterprise Cloud With A Next-Generation Firewall »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Becrypt

Becrypt

Becrypt is a trusted provider of endpoint cybersecurity software solutions. We help the most security conscious organisations to protect their customer, employee and intellectual property data.

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

La Fosse Associates

La Fosse Associates

The InfoSec Recruitment team at La Fosse Associates specialises in placing Information Security & Risk professionals on a permanent and contract basis.

ePlus

ePlus

ePlus designs and delivers effective, integrated cybersecurity programs centered on culture and technology, aimed at mitigating business risk and empowering digital transformation.

Rezilion

Rezilion

Rezilion is a stealth mode cyber-security start-up developing a cutting edge technology that makes cloud environments self-protecting and resilient to cyber-attacks.

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node is part of a national network designed to foster and accelerate cyber capability and innovation across Australia.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

Fortify 24/7

Fortify 24/7

Fortify 24×7 provides a robust portfolio of managed cybersecurity solutions to help you identify and prevent attacks.

Managed IT Services

Managed IT Services

Managed IT Services is a managed IT Services Company offering a diverse range of Cyber Security services and IT solutions.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Affinity Technology Partners

Affinity Technology Partners

Affinity Technology Partners has been fueling the growth of Nashville, Tennessee businesses and nonprofits with reliable IT services since 2002.