What are some of the methods phishers use to compromise organizations?
Email is the most common form of phishing that attackers use to infiltrate an organization. This may take the form of an infected attachment, but since many organizations block or scan attachments, it’s increasingly popular to send a URL for a user to click or just to send some compelling wording to open a line of communication with the target. Phishing emails can have the goal of getting the user to open an infected file, send in credentials, or send money under fraudulent pretenses. There are several options to identify these attacks and prevent them from succeeding, which we’ll explore in an upcoming blog post.
Text and/or SMS messages are another method attackers can use to target organizations or people. These often take the form of a link that users click before being asked to enter data. With this attack vector, it’s common for attackers to impersonate banks, government agencies, or other trusted entities.
Sedara has also seen phishing in the form of documents on cloud data storage like Dropbox. Attackers will share a file with their target that contains malicious code or requests for private data.
Attackers may also use the phone or email to contact a target directly with a request for an action like resetting a password or revealing information. This is a less common vector since it is hard to scale, but it is still useful, particularly for targeted attacks.
Phishing is most insidious when it uses a combination of techniques. It can even overcome sophisticated security measures like Multifactor Authentication (MFA). For example, an attacker might steal a password through email, then call the user pretending to be a technician and ask them to approve an authenticator popup on their phone.