What is Phishing?
Phishing is an attack on individuals that attempts to steal sensitive information through emails, websites, text messages or other forms of electronic communication crafted to look like official communication from a legitimate company or individual. The information these cybercriminals attempt to steal includes usernames, passwords, credit card details, bank account information and other credentials. Attackers then use the stolen information for malicious purposes such as breaking into further systems, identity theft, or taking money directly from bank accounts and credit cards. In some cases they sell it on cybercriminal underground marketplaces.
How does it work?
Phishing attacks rely on social engineering bait or lure content. Against an organization, a successful phishing attack typically starts with discovery and planning: the attacker collects whatever is publicly available on the company website, on social media, and in the company's DNS, in particular its MX and SPF records. The MX records show which mail provider or email security gateway receives the organization's mail, and the include: entries in the SPF record list the third-party services authorized to send on its behalf. Together this lets a cybercriminal work out:
- the naming scheme used for user accounts (such as first.last)
- who the high-ranking officials are
- which email security solution is in use
- which vendors and SaaS services are used internally.
The cybercriminal then moves to trial and error: working out what users expect to see on a day-to-day basis, sending fraudulent emails, and monitoring the results. Most commonly this is legitimate-looking communication (usually email) that links to a phishing site mimicking a sign-in page and asking the user to enter login credentials and/or account information. The phishing site captures the sensitive information as soon as the user submits it, handing the attacker the credentials in real time. Once they have gained any level of access, they use it either to launch an attack directly or to gather additional information for an even more convincing follow-up attack.
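As an added illustration of the reconnaissance step described above (example code written for this post, not a tool the page describes), the script below takes a domain's MX hostnames and its SPF and DMARC TXT records and reports what an attacker can infer from them: the email security gateway in front of the mailboxes, the third-party services allowed to send as the domain, and whether the domain's own policy would stop a spoofed message. The vendor fingerprint tables are a small illustrative subset, and the sample records are constructed for a fictitious domain; a real run would fetch the records with `dig` or a DNS library.

```python
import re

# Illustrative fingerprint tables (assumption: a real recon tool carries a far
# larger list). Hostnames are matched by suffix, so any host under the suffix counts.
MX_VENDORS = {
    "pphosted.com": "Proofpoint",
    "mimecast.com": "Mimecast",
    "mail.protection.outlook.com": "Microsoft 365 / Exchange Online Protection",
    "aspmx.l.google.com": "Google Workspace",
}
SPF_INCLUDE_VENDORS = {
    "spf.protection.outlook.com": "Microsoft 365",
    "_spf.google.com": "Google Workspace",
    "sendgrid.net": "SendGrid",
    "mail.zendesk.com": "Zendesk",
    "_spf.salesforce.com": "Salesforce",
}
# What the trailing "all" mechanism tells a receiver to do with an unlisted source.
ALL_POLICIES = {
    "-": "fail: unlisted senders rejected by receivers that honour SPF",
    "~": "softfail: unlisted senders usually accepted and marked, easy to spoof",
    "?": "neutral: no statement made, spoofable",
    "+": "pass: anyone may send as this domain",
    None: "missing: no all mechanism, spoofable",
}


def classify_host(host, table):
    """Match a hostname against a suffix table; trailing dot and case are ignored."""
    host = host.rstrip(".").lower()
    for suffix, vendor in table.items():
        if host == suffix or host.endswith("." + suffix):
            return vendor
    return "unknown"


def analyze_mx(mx_hosts):
    """Map each MX hostname to the mailbox provider or security gateway it points at."""
    return {h: classify_host(h, MX_VENDORS) for h in mx_hosts}


def analyze_spf(record):
    """Pull third-party senders (include:) and the all qualifier out of an SPF TXT record."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return {"valid": False, "includes": {}, "all": None, "all_policy": ALL_POLICIES[None]}
    includes, all_qualifier = {}, None
    for term in terms[1:]:
        m = re.match(r"^[+\-~?]?include:(.+)$", term, re.I)
        if m:
            includes[m.group(1).lower()] = classify_host(m.group(1), SPF_INCLUDE_VENDORS)
            continue
        m = re.match(r"^([+\-~?]?)all$", term, re.I)
        if m:
            all_qualifier = m.group(1) or "+"  # RFC 7208: an absent qualifier means "+"
    return {"valid": True, "includes": includes, "all": all_qualifier,
            "all_policy": ALL_POLICIES[all_qualifier]}


def analyze_dmarc(record):
    """Parse a DMARC TXT record; only p=quarantine or p=reject stops forged From headers."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    policy = tags.get("p", "none").lower()
    return {"valid": tags.get("v", "").upper() == "DMARC1", "policy": policy,
            "enforced": policy in ("quarantine", "reject"), "tags": tags}


def recon_report(mx_hosts, spf_record, dmarc_record):
    """Summarise what an attacker learns about a domain from public DNS alone."""
    spf, dmarc = analyze_spf(spf_record), analyze_dmarc(dmarc_record)
    return {
        "email_security": sorted(set(analyze_mx(mx_hosts).values())),
        "third_party_senders": spf["includes"],
        "spf_all_policy": spf["all_policy"],
        "dmarc_policy": dmarc["policy"],
        # Without DMARC enforcement nothing ties the visible From header to SPF/DKIM.
        "display_from_spoofable": not dmarc["enforced"],
    }


if __name__ == "__main__":
    # Constructed sample records for a fictitious domain, not real DNS data.
    mx = ["mx0a-example.pphosted.com.", "mx0b-example.pphosted.com."]
    spf = "v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:mail.zendesk.com ~all"
    dmarc = "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
    for key, value in recon_report(mx, spf, dmarc).items():
        print(f"{key}: {value}")
```

Run against your own domain, the same checks are the defender's view: an SPF record that ends in `~all` and a DMARC record at `p=none` mean a message with a forged From header will usually still be delivered, which is exactly what the impersonation attacks described below rely on.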
What are some common types of phishing techniques used against organizations?
- Whaling – A form of phishing in which the attack is directed at high-level or senior executives within an organization. The content may be written as a legal subpoena, a customer complaint, or some other executive-level issue.
- Impersonation – The cybercriminal creates an email that appears to come from the CEO, CFO, or another important employee in the organization, typically by putting that person's name as the display name on an outside or lookalike address. The email usually requests that a specific task be performed or that access to a specific document be granted.
- Spear Phishing – A targeted phishing attack with highly customized lure content aimed at a specific organization or individual. The socially engineered email is designed to lure the recipient into opening documents or clicking links that install malware.
- Phishing – A broad, automated attack that is less sophisticated and less targeted. The intent is to send as many emails to as many domains as possible and monitor for any results.
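The following is an added example (not code from the original post) of the detection side of these techniques: a triage pass over inbound mail headers that flags the three signals executive impersonation usually leaves behind, namely an executive's display name on an external address, a sender domain that is a lookalike of the organization's own, and a Reply-To that quietly points somewhere other than the displayed sender. The organization domain, the executive list and the sample messages are all constructed assumptions.

```python
from email.utils import parseaddr

ORG_DOMAIN = "example.com"  # assumption: the organization's own mail domain
# Assumption: the people an attacker would impersonate, by the display name staff see.
EXECUTIVES = {"Jane Doe": "CEO", "Raj Patel": "CFO"}

# Constructed inbound messages (only the headers the checks need), not real traffic.
SAMPLE_MESSAGES = [
    {"id": 1, "from": "Jane Doe <jane.doe@example.com>", "subject": "Board deck"},
    {"id": 2, "from": "Jane Doe <ceo.janedoe@gmail.com>",
     "reply_to": "ceo.janedoe@gmail.com", "subject": "Are you at your desk?"},
    {"id": 3, "from": "Raj Patel <raj.patel@examp1e.com>", "subject": "Vendor payment today"},
    {"id": 4, "from": "Accounts Payable <ap@vendor-invoices.net>",
     "reply_to": "ap@mail.ru", "subject": "Updated remittance details"},
    {"id": 5, "from": "HR Team <hr@hr.example.com>", "subject": "Benefits enrolment"},
]


def normalize_name(name):
    """Casefold and collapse whitespace so 'jane  DOE' matches 'Jane Doe'."""
    return " ".join(name.replace('"', "").split()).casefold()


def domain_of(address):
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def is_internal(domain):
    return domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)


def levenshtein(a, b):
    """Edit distance by the usual two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain, org=ORG_DOMAIN, max_distance=2):
    """True for a foreign domain within a couple of edits of ours (examp1e.com, exarnple.com)."""
    return bool(domain) and not is_internal(domain) and levenshtein(domain, org) <= max_distance


def check_message(msg):
    """Return the findings for one message; an empty list means no impersonation signal."""
    findings = []
    name, addr = parseaddr(msg.get("from", ""))
    from_domain = domain_of(addr)
    known = {normalize_name(n): n for n in EXECUTIVES}
    exec_name = known.get(normalize_name(name))
    # 1. An executive's display name on an address outside the organization.
    if exec_name and not is_internal(from_domain):
        findings.append(f"display name of {exec_name} ({EXECUTIVES[exec_name]}) on external sender {addr}")
    # 2. A registered lookalike of the organization's domain.
    if is_lookalike(from_domain):
        findings.append(f"sender domain {from_domain} is a lookalike of {ORG_DOMAIN}")
    # 3. Replies redirected to a different domain than the one displayed.
    _, reply_addr = parseaddr(msg.get("reply_to", ""))
    if reply_addr and domain_of(reply_addr) != from_domain:
        findings.append(f"Reply-To {reply_addr} does not match From domain {from_domain}")
    return findings


def triage(messages):
    """Map message id to findings for every message that trips at least one check."""
    flagged = {}
    for msg in messages:
        findings = check_message(msg)
        if findings:
            flagged[msg["id"]] = findings
    return flagged


if __name__ == "__main__":
    for msg_id, findings in triage(SAMPLE_MESSAGES).items():
        print(msg_id, findings)
```

The display-name check is the noisiest of the three when an executive has a common name, so in practice it is paired with an allow-list of the executive's known personal addresses; the lookalike and Reply-To checks are much lower-noise and catch the domains an attacker registers specifically for the campaign.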
The following highlights are taken from the 12th edition of an annual analysis of security events affecting organizations around the globe, a comprehensive summary of data breaches reported by public and private entities worldwide:
- 43% of cyberattacks were on small businesses
- C-Suite executives are 12 times more likely to be targeted in social engineering attacks than other employees
- Phishing is involved in 32% of breaches and 78% of cyber-espionage incidents
- 90% of malware arrives via email
- Ransomware is the second biggest malware threat and accounted for 24% of malware-related breaches
These highlights matter because they show how exposed organizations are to cybercriminals when they do not have an appropriate solution in place. The solutions we will discuss in future blogs and webinar videos provide protection against phishing and the data breaches it leads to.