Anatomy of a modern phishing attack

by | Sep 14, 2021 | Just in, Phishing, Security

Increasing Sophistication of Phishing Attacks

IT security teams today face the daunting task of defending an extended perimeter and attack surface due to the increased use of cloud services and the sheer volume of mobile devices that access corporate applications. Enterprise use of cloud apps continues to climb, while employees typically use multiple devices for work to access the many cloud services.

The recent shift to remote work has further blurred the line between personal devices and corporate-managed devices as employees use them interchangeably for work and recreation. While organizations were forced to adapt to a distributed workforce at an accelerated pace, the dependency on traditional technologies and the quick deployment of new technologies have created security gaps around connecting devices and trusted access.

Verizon’s 2020 Data Breach Investigations Report

According to Verizon’s 2020 Data Breach Investigations Report (DBIR)2, 67% of breaches were due to credential theft, errors and social attacks. This statistic indicates that hackers are focusing their efforts on social engineering and spear-phishing tactics to gain trust of unsuspecting victims and compromise their credentials. Sophisticated attacks are becoming increasingly common as hacking and phishing tools, along with documentation on how to use them, are readily available online to hackers. This has significantly lowered the barrier for entry for hackers with time and resources to target organizations, to gather information about security controls that organizations have implemented, and to execute an attack to bypass those controls.

Phishing attack - how to prevent it

Social Engineering

According to the Cybersecurity and Infrastructure Security Agency (CISA), social engineering3 uses human interaction (often through email or phone calls) to obtain or compromise information about an organization or its computer systems.
Social engineering uses psychological manipulation of people in order to get them to perform a specific action or divulge confidential information. Through information gathered by research and manipulative interactions, social engineers may be able to piece together enough information to infiltrate an organization’s network and impersonate an actual employee. The hacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and may even offer credentials to support that identity.

  • 96% of social engineering attacks are sent via email. (2020 DBIR) 96% 96%
  • 80% of phishing websites have SSL encryption enabled. (Statsia) 80% 80%
  • 74% of phishing websites use HTTPS protocol. (Statsia) 74% 74%
  • 30% of phishingrelated breaches occur to small businesses. (2020 DBIR) 30% 30%
Spear Phishing

Spear phishing or targeted phishing is a form of social engineering tailor‑made for the individual or organization that receives it. Like regular phishing, the goal of this attack is to acquire sensitive information, install malware, or steal credentials. Unlike regular phishing, spear phishing takes advantage of an individual’s personal motivations, interests and incentives to encourage them to fall for the attack.
These types of attacks are opportunistic in nature, taking advantage of the human element of an organization’s security. Even the most technologically savvy employees can fall victim to a well designed social engineering attack. And that’s exactly the situation that played out in the high-profile breach we discuss in the case study below.

Thanks

This report was created by https://duo.com/

Do you need IT support?

Our expertise is in network design, server deployments, remote access (VPN), and cybersecurity.