Topic Briefing | The beginning of cyber attacks “phishing” and countermeasures

In the era of COVID-19, companies’ responses to vulnerabilities and zero-days have improved significantly. As a result, attackers switched to targeting users through phishing attacks.

A company’s security is as strong as its weakest link. In general, the weakest link has to do with humans and users. In fact, according to Verizon’s 2020 Data Breach Investigation Report, phishing is the number one threat activity related to data breaches.

ⓒ Getty Images Bank

Phishing is a cyberattack that uses forged email as a weapon. The goal of phishing is to trick email recipients into thinking that the message is something they need or want. For example, an email requesting information from a bank or a message from a colleague within the company induces them to click on a link or download an attachment.

Methods of typical cyberattack “phishing” and how to prevent it
What is ‘phishing through text messages’ smishing and how to prevent it

Phishing is on the low side in terms of attack techniques. There are, of course, much more sophisticated phishing variants, such as spear phishing, a focused and personalized phishing attack, or whaling, a phishing attack that focuses on high-level or high-value targets, but these attacks are more socially engineered than technical. is focused on

Why It’s Hard to Stop Targeted Email Attacks “Understanding Spear Phishing”
Senior executives with sensitive data new ‘prey’ for phishing and ransomware
“Intrusion into the network within 2 hours after successful phishing” How Carbanac’s hacking works… bitdefender

However, phishing is one of the most effective types of attack because it bypasses many network and endpoint protection solutions. The biggest characteristic of phishing is the format of the message. The attacker impersonates an entity or a real person, a real person, or a trading partner trusted by the recipient. Phishing is one of the oldest forms of cyberattacks, beginning in the 1990s, and has recently evolved into the most widely used and fatal attack as phishing messages and techniques have become increasingly sophisticated.

In particular, Business Email Compromise (BEC) is a relatively new type of attack, leading the frequency of occurrence and the total amount of damage, and quickly became the number one public enemy. According to the FBI’s 2019 Internet Crime Report, the most disruptive cybercriminals in 2018 were corporate email compromises and email account compromise. The FBI calls an email account compromised when an individual is harmed, and a BEC when a company is harmed.

Unlike phishing attacks, where an attacker spoofs an internal address from the outside or creates a website that looks real, a BEC attack essentially steals the identity of a compromised individual. Therefore, the problem is that when someone asks for a transfer, they use the actual CEO’s corporate email, not the CEO’s email.

Security Threats Too Familiar and Overlooked: Email Outsourcing
14 Guidelines for Preventing Corporate Email Attacks
How AppNormal Security Prevents Corporate Email Compromises

Recently, almost all security companies are sending warning messages to beware of phishing attacks. In fact, all data breaches and cyberattacks start with phishing attempts to trick someone into downloading malware. According to Proofpoint’s 2020 Phishing Situation Report, 65% of U.S. agencies and businesses experienced phishing attacks in 2019.

AhnLab urges caution against malicious code distributed from phishing sites disguised as ‘messenger download’
Fake MSI Afterburner Malware Warning ‘Beware of Phishing Sites’
FireEye Unveils New Malware Used in UNC2529 Group’s Global Phishing Campaign
East Security warns of email phishing attacks targeting North Korean workers
Jiran Jigyo Security, phishing emails abusing Corona 19… Emphasis on ‘prevention through e-mail mock training’
“More than 30,000 phishing URLs alone”… SK infosec, Corona 19 malicious email attack warning
Palo Alto Networks Announced “Beware of Corona-related Phishing Emails, Fake Apps, and Domain Names”

Companies regularly train users to be aware of phishing attacks, but many users don’t know how to recognize an actual attack. Being attacked by phishing isn’t a matter of intelligence. Phishing scams are victims of phishing scams among those who are known in society as intelligent and smart, such as doctors, lawyers, engineers, scientists, and even Nobel Prize winners in physics.

8 types of phishing attacks and how to recognize them
Causes of “Phishing People” and How to Fix It

Users are not well aware of the situation when they fall into a phishing attack. Any reasonable and savvy user could be aware of the risk that clicking a link in an email could lead to a malicious download or subsequent fraudulent message asking for money. However, the average user might think that nothing will happen or end up with spam ads or pop-ups.

That’s why it’s so important to educate yourself about phishing. When I was young, when I crossed the road, I was taught to look both ways and cross. It takes time to get used to this, but if you do it repeatedly, you will automatically look left and right when crossing the street or turning a corner. This is the ultimate goal of social engineering coping education.

Recently, many companies of all sizes are implementing security education through phishing tests. Phishing tests are conducted in which security teams create and send genuine-looking malicious phishing emails to employees. They usually open up emails with information about missing deliveries, invoice requests, and celebrity gossip.

But, according to Dr John Bryce, Ph.D., CybSafe’s head of behavioral science, companies should choose their email templates carefully, including avoiding topics that are likely to upset their employees.

How to prepare for an effective phishing attack simulation
5 Best Practices for Ethical and Effective Phishing Testing


Source: ITWorld Korea by www.itworld.co.kr.

*The article has been translated based on the content of ITWorld Korea by www.itworld.co.kr. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!