Phishing is a well known threat that users are constantly being warned about, but as we are in Cybersercurity Awarenss Month though, some may still be wondering what exactly phishing is and how to prevent it. In this blog, I am going to dig into how you can recognize phishing and how enabling multi-factor authentication can help keep you safe.
Phishing attacks have been increasing rapidly year on year, and surged as a result of COVID-19. Research shows that 96% of phishing attacks are sent by email. A common technique used in these attacks is to impersonate well known or trusted brands to entice users to open links and attachments. One way to achieve this is to “spoof” the email address that is shown to users in their email client.
Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for nearly $2.4 billion in cyber crime losses in 2021. At its root, it’s a type of phishing attack. And with the rise of smartphones and tablets, attackers are expanding well beyond email. They now leverage other platforms such as SMS messages, messaging apps like Signal and WhatsApp, and social media apps to target and compromise their targets.
At Tines, we understand there’s no such thing as a universal workflow. While there are often some standard best practices, whether carrying out a workflow manually or automating it, every team has a unique approach and set of tools to solve challenges. This is especially true for security teams, who constantly have to evolve their processes and infrastructure to stay ahead of cyber attackers in today’s rapidly changing threat landscape.
The Anti-Phishing Working Group (APWG) Phishing Activity Trends Report reveals that in Q2 of 2022 there were 1,097,811 total phishing attacks. This marks the worst quarter for phishing observed to date, exceeding Q1 of 2022 which was the first time the three-month total exceeded one million.
The theme of this year’s Cybersecurity Awareness Month theme – “See Yourself in Cyber” – focuses on how both individuals and organizations can better protect themselves from cybercrime. One of the most important steps we can all take is learning to recognize and report phishing attempts.
This past month, Trustwave SpiderLabs observed that HTML (Hypertext Markup Language) file attachments had become a common occurrence in our spam traps, which is not unusual since malware is often delivered through phishing spam. For the past 30 days, SpiderLabs has found the combination of.HTML (11.39%) and.HTM (2.7%) files are our second most spammed file attachment, totalling 14.09%, followed by.EXE files at 12.84%.
There is an exploitation method that can automatically forward emails CC’d to external addresses via an Outlook Desktop rule, even when this action is prevented on the corporate Exchange server. This can be a serious data exfiltration risk allowing post-exploitation persistence in a previously breached account. The legitimate email account owner is highly likely to be unaware of the creation of this rule.
Email is a popular channel for hackers: phishing attacks and malware usually originate from email. In 2022, Verizon found that 82% of breaches involved the human element: phishing emails and ransomware delivered via email continue to plague organizations of all sizes. For an organization with 1–250 employees, roughly one in 323 emails will be malicious, according to Comparitech.
