A phishing attack is a type of social engineering attack commonly used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, posing as a trusted entity, tricks a victim into opening an email, instant message, or text message. The user is then lured into clicking a malicious link, which can lead to the installation of spyware and malware. This spyware lets the perpetrator obtain hidden information about the recipient's computer activities by covertly transmitting data from their hard drive.
Most Common Phishing Attack
For businesses, I think spear phishing is the most common form, even though plain email phishing is still effective for attackers. By spear phishing I mean attackers targeting a specific individual or enterprise. In this kind of phishing the attacker carefully studies the target and builds up detailed knowledge about the person or organization, including its power structure.
1. During his research, the perpetrator gains access to the organization's latest invoices and also identifies key employees whose credentials can open up access to many vulnerable areas of the network.
2. Posing as the manager, the perpetrator then emails one of these employees with a subject line that reads "Review Updated Invoice for Q2 Campaigns". The text, style, and included logo duplicate the organization's standard email template.
3. A link in the email leads to what appears to be a password-protected internal document, which is in fact a spoofed version of a stolen invoice.
4. The employee is asked to log in to view the document. The perpetrator steals his credentials, gaining full access to sensitive areas within the organization's network.
By handing an attacker valid login credentials, spear phishing is an effective method for executing the first stage of an Advanced Persistent Threat (APT).
As I said earlier, ordinary email phishing is still effective for some attackers.
For example, in 2011 an attacker sent an email titled "2011 recruitment plan" to a small group of employees within a cyber security company. The email carried a malware-laden Excel file. One of the employees opened this file, which gave the attacker access to other employees' passwords, and thus the whole system became vulnerable.
This in turn gave the attacker access to the networks of many US government departments and US defence suppliers.
How to Protect against Phishing
Use Two-Factor Authentication
Two-factor authentication is the most effective way to counter phishing attacks, as it adds an extra verification layer when logging into sensitive areas. Such a system does not rely on the user's password alone; it requires a second credential from the user before granting access. For instance, the system may require a thumbprint as an additional security check, so even when an attacker has the recipient's password, he may not pose any threat to the organization.
Implement Effective Email Security
Implementing a secure email gateway should be any organization's first line of defense against phishing attacks. Email gateways act as a firewall for email communications, blocking any emails containing malicious content. They can also detect domain spoofing, protecting users from email that impersonates one of their legitimate contacts.
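To make the domain-spoofing check concrete, here is a small added example (not code from the original post or from any gateway product) of two checks a mail filter can run on each message: whether the visible From: domain is aligned with the domain that actually passed SPF/DKIM in the Authentication-Results header, and whether the From: domain is a lookalike of a known contact's domain. The trusted domains and the three sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed list of legitimate contact domains (an assumption for this example).
TRUSTED_DOMAINS = ("example-corp.com", "partner-bank.com")

def domain_of(header_value):
    """Lower-case domain of the address in a From: or similar header."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance; a small value against a trusted domain suggests a lookalike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_message(raw):
    """Return spoofing findings for one raw message; an empty list means nothing suspicious."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg.get("From"))
    auth = msg.get("Authentication-Results", "")
    findings = []
    # Alignment: the domain that passed SPF/DKIM should be the From: domain (or a subdomain of it).
    m = re.search(r"(?:spf|dkim)=pass[^;]*?(?:smtp\.mailfrom|header\.d)=([\w.-]+)", auth)
    auth_dom = m.group(1).lower() if m else ""
    if from_dom and not auth_dom:
        findings.append(f"no passing SPF/DKIM result for {from_dom}")
    elif from_dom and auth_dom != from_dom and not auth_dom.endswith("." + from_dom):
        findings.append(f"From domain {from_dom} not aligned with authenticated domain {auth_dom}")
    # Lookalike: close to, but not equal to, a known contact's domain (e.g. a swapped character).
    for trusted in TRUSTED_DOMAINS:
        if from_dom != trusted and 0 < edit_distance(from_dom, trusted) <= 2:
            findings.append(f"{from_dom} looks like trusted domain {trusted}")
    return findings

# Constructed sample messages (not real mail); the subject mirrors the scenario above.
LEGIT_MSG = ("From: Finance <finance@example-corp.com>\nAuthentication-Results: mx.example.net; "
             "spf=pass smtp.mailfrom=example-corp.com\nSubject: Review Updated Invoice for Q2 Campaigns\n\nbody\n")
SPOOFED_MSG = ("From: Manager <manager@example-corp.com>\nAuthentication-Results: mx.example.net; "
               "spf=pass smtp.mailfrom=mail-blast.example.org\nSubject: Review Updated Invoice for Q2 Campaigns\n\nbody\n")
LOOKALIKE_MSG = ("From: Manager <manager@examp1e-corp.com>\nAuthentication-Results: mx.example.net; "
                 "spf=pass smtp.mailfrom=examp1e-corp.com\nSubject: Review Updated Invoice for Q2 Campaigns\n\nbody\n")

if __name__ == "__main__":
    for name, raw in [("legit", LEGIT_MSG), ("spoofed", SPOOFED_MSG), ("lookalike", LOOKALIKE_MSG)]:
        print(name, check_message(raw) or ["ok"])
```

A real gateway does the same alignment check as part of DMARC evaluation; the lookalike check is a heuristic that still needs a human or a reputation feed behind it.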
Alongside email gateways, educational campaigns can also help diminish the threat of phishing attacks by enforcing secure practices, such as not clicking on external email links.
What are your thoughts on this? Let's hear from you. Or have you been phished before? Share your experience and how you worked out that it was a phishing job.