Malicious cyber attackers steal user credentials by tricking unsuspecting users into using their login information on engineered fake websites. By hijacking an existing login page or creating an accurately similar login website that you can’t tell it apart from the authentic site, attackers easily gain access to the target network.
Organized phishing operations, in which highly prominent individuals are unwittingly falling victim to cyber attackers who are looking to gain access into their business systems, have proven to be a successful strike trajectory.
Understanding a Growing Threat: Credential Phishing – credential phishing is a quickly growing cyber-attack and is increasingly becoming the preferred entry point for most attackers. This is according to a Menlo Security Report.
The most common targets are public agencies and political organizations, and the attacks are often sponsored by nation-state groups, advanced persistent threat (APT) cyber-criminals or hacktivists, according to the report.
“Attackers know very well how to manipulate human nature and emotions to steal or infiltrate what they want. They use email messages that induce fear, a sense of urgency, curiosity, reward and validation, an emotionally charged response by their victims or simply something that is entertaining and a distraction to convince, cajole or concern even seasoned users into opening a phishing email.” the report said.
OneDrive, LinkedIn and Office 365 logins are the most popular phishing lures used by cyber attackers according to the Menlo Security Report. Attackers intentionally leverage these work productivity tools because people rely on them to conduct day to day business exchanges and correspondences.
One notable detail is that apparently, hackers enjoy long weekends, sinceFriday was reportedly the least popular day for attackers, with only 1% of phishing emails being sent out before the weekend. This means that their well-planned phishing attack will begin to pick up on Mondays – with 11% of URLs distributed.
Easy to say that after the Monday blues, email disbursements increased to over 40% on Tuesdays. Remarkably, the attack system and the fraction of the phishing URLs sent on different days of the week remained the same across every industry. This links business-employee behavior to work ethics in a way.
The roadblock when it comes to detecting credential phishing attacks shows that while the TTPs of a credential phishing attack may be simple, the technology needed to detect and protect businesses and their users from these attacks, and to provide visibility into such attacks, must be smart, robust and sophisticated.