Cybercriminals take advantage of busy employees to steal credentials, money and data.
It only takes a few minutes for cybercriminals to lure a phishing victim among your employees, then leverage that success to launch a larger cyberattack against your business. The story is as follows:
1. Choose the victims: A cybercriminal launches a phishing campaign targeting random email recipients (often obtained from a previous data breach) or targeting a specific business or industry. In this case, an ABC Paint employee is randomly targeted by a phishing email.
2. Prepare the bait: The employee, Pauline, opens the phishing email and sees a convincing message about a document to download from a well-known file sharing app. This message is compelling because Pauline uses the app to share documents within and outside the company with company clients. The email includes the app branding to make it look legitimate. Additionally, the sender appears to be their boss, which is a technique called spear phishing, a malicious email that impersonates a person in order to trick the recipient into performing a desired action.
3. Trap the target: Pauline is incredibly busy that day and clicks the malicious link so she can deal with this latest disruption in her already overloaded schedule. The link takes him to a fake website where he is asked to enter his login credentials. She grabs them and opens the document, which contains hidden malware.
4. Undertake malicious actions: The malware downloads onto his device, then quickly spreads over ABC Paint’s corporate network, allowing the attacker to steal credentials and sensitive data in the process. At some point in the attack, ransom notes start showing on employee screens and operations stop.
Phishing is a bigger threat than ever
According to the Anti-Phishing Working Group (APWG), approximately 200,000 new phishing sites appear each month, and campaigns masquerade as more than 500 different brands and entities per month. The group’s report on trends in phishing activity reveals that the number of phishing attacks doubled in 2020. Attacks peaked in October 2020, with a record 225,304 new phishing sites appearing during the year. of that single month.
According to consulting firm Deloitte, 91% of all cyber attacks start with a phishing email addressed to an unsuspecting victim. Phishing campaigns impersonate email and file sharing service providers, pose as salespeople or job seekers, pose as financial institutions, and more to obtain login credentials, steal money and data, and hold businesses, their systems and their data hostage.
Why phishing still works
We all know that you should never click on links or open attachments in questionable emails. Yet phishing remains a lucrative attack vector for bad actors.
This is because attackers have become more adept at impersonating people and taking advantage of our busy working lives. As humans, we are susceptible to momentary errors in judgment because we juggle various applications such as group chats, video conferencing, email and other intrusions into our concentration on normal business tasks. . A phishing email that seems to fit into a busy workflow can slip into a moment of multitasking.
Data loss is the main impact
Once a phishing victim takes a bait, the malicious actor can do several things:
– Control the victim’s device with malware.
– Obtain access to account credentials for data or money theft
– Access victim’s emails and contacts to further target company executives or other employees.
– Distribute malware, including ransomware, to other devices on the same network.
– Access other systems, data or intellectual property of the company.
When a successful phishing campaign turns into a cyberattack, the impact on the business can be devastating. A recent survey indicates that data loss is the most common result of a successful phishing attack, cited by 60% of those surveyed. Compromised accounts or credentials is the second biggest impact, mentioned by 52% of respondents, followed closely by ransomware infections (47%).
Protection against phishing attacks
To protect your business from the damage caused by a successful phishing attack, it is best to take a multi-pronged approach. First, provide employees with regular anti-phishing training and information to help them recognize and avoid phishing campaigns.
Second, assume that errors will always occur and that someone in the company will accidentally click on a malicious link, open a malicious attachment, or provide login credentials to a bogus website. To limit the damage of a successful phishing attempt, make sure your anti-spam software and anti-virus software are up to date on employee devices.
Third, secure the traffic on your network to further reduce the risk of phishing. Avast Secure Web Gateway (SWG) blocks phishing attempts by scanning and blocking bad sites, as well as preventing malicious downloads and known malicious URLs from entering the network.
To find out how to avoid falling victim to a phishing campaign, be sure to check out our latest article.
WE NEED YOU: help us fight hackers by sending us the fraudulent emails and texts you receive (email forwarding, suspicious links or screenshots) to [email protected]
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our free antivirus premium.
–
