Hackers use many tactics to steal credentials that they then use to remotely log onto corporate accounts and cloud services and to gain access to business databases. Phishing is the most commonly observed method, and it is usually carried out over email.
Hackers design emails using a range of tricks to fool the recipient into visiting a malicious website where they must hand over credentials that are recorded and used by the hackers to remotely access the accounts.
Companies are now realizing the advantages of configuring an advanced spam filtering solution to prevent these phishing emails at source and ensure they do not land in inboxes. Advanced anti-spam and anti-phishing solutions will prevent practically all phishing attacks, so if you have yet to put in place such a solution or you are depending on Microsoft Office 365 protections, we urge you to get in touch and give SpamTitan a trial.
Phishing is not only carried out using email. Rather than using email to deliver the hook, many threat groups use SMS or instant messaging services, and a growing number of phishing campaigns are now conducted by telephone. These types of phishing attack are harder to prevent.
When phishing takes place via SMS messages it is known as smishing. Instead of email, an SMS message is sent containing a link that users are instructed to visit. Instant messaging platforms like WhatsApp are also used. A range of lures are in play, but it is typical for a security alert to be sent that warns the recipient about a fraudulent transaction or other security threat, which depends on them logging in to their account.
In December 2019, the U.S. Federal Bureau of Investigation (FBI) discovered a campaign in which hackers were carrying out phishing attacks by telephone, known as vishing. Since then, the number of vishing attacks has grown, leading the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to release a joint alert in the summer about a campaign targeting remote workers. This month, the FBI has released another alert following a spike in vishing attacks on companies.
Hackers often target users with high levels of privileges, but not always. There has been an increasing trend for hackers to target every credential, so all users are at risk. Once one set of credentials is captured, efforts focus on elevating privileges, and reconnaissance is carried out to identify targets in the company with the level of permissions the attackers need, i.e. permissions to perform email updates.
The hackers make VoIP calls to workers and convince them to visit a webpage where they need to log in. In one attack, a staff member of the firm was identified in the company's chatroom, contacted, and convinced to log in to their group's VPN on a fake VPN page. The credentials were obtained and used to carry out reconnaissance.
How to Deal with Smishing and Vishing
Dealing with these types of phishing attacks requires a range of processes. As opposed to email phishing, these threats cannot be easily stopped at source. It is therefore crucial to cover these threats in security awareness training classes as well as warning about the dangers of email phishing.
A web filtering solution is ideal for preventing attempts to visit the malicious domains where the phishing pages are hosted. Web filters such as WebTitan can be used to manage the websites that staff members can access on their company phones and mobile devices and will supply protection no matter where an employee uses the Internet.
It is also crucial to configure multi-factor authentication to stop any stolen credentials from being used by hackers to remotely log on to accounts. The FBI also advises granting network access using the rule of least privilege: ensuring users are only allowed access to the resources they need for their work. The FBI further advises regularly scanning and auditing the user access rights that have been allocated and reviewing any amendments to permissions.
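One minimal way to act on the FBI's advice to review amendments to permissions, as an added example that is not part of the original post or of any TitanHQ product: it diffs two snapshots of user access rights and flags users who gained sensitive rights. The snapshot format and the list of sensitive permissions are assumptions.

```python
from dataclasses import dataclass, field

# Constructed list of rights treated as high-impact (assumption; adjust to your
# environment). Mail-setting rights are the ones the post's attackers sought.
SENSITIVE = {"mail.update_settings", "mail.forwarding", "directory.admin"}


@dataclass
class Finding:
    """Permission changes observed for one user between two snapshots."""
    user: str
    added: set = field(default_factory=set)
    removed: set = field(default_factory=set)

    @property
    def sensitive_added(self) -> set:
        return self.added & SENSITIVE


def diff_permissions(before: dict, after: dict) -> list:
    """Return one Finding per user whose rights changed between snapshots.

    Snapshots are {user: {permission, ...}} (assumed export format). New users
    show all rights as added and deleted users as removed, so a newly created
    privileged account is not missed.
    """
    findings = []
    for user in sorted(set(before) | set(after)):
        old = set(before.get(user, ()))
        new = set(after.get(user, ()))
        if old != new:
            findings.append(Finding(user, new - old, old - new))
    return findings


def escalations(findings: list) -> list:
    """Users who gained at least one sensitive right; review these first."""
    return [f.user for f in findings if f.sensitive_added]


# Constructed sample snapshots: 'bob' gains a mail right, 'eve' is a new account.
BEFORE = {"alice": {"mail.read"}, "bob": {"mail.read"}, "carol": {"directory.admin"}}
AFTER = {"alice": {"mail.read"}, "bob": {"mail.read", "mail.forwarding"},
         "eve": {"mail.read", "mail.update_settings"}}

if __name__ == "__main__":
    for f in diff_permissions(BEFORE, AFTER):
        flag = "  <-- sensitive right gained" if f.sensitive_added else ""
        print(f"{f.user}: +{sorted(f.added)} -{sorted(f.removed)}{flag}")
```

Run it on real exports by replacing BEFORE and AFTER with the previous and current snapshot; unchanged users produce no finding.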