Top Phishing Trends of 2021 & How to Avoid Them in 2022
Winter is coming, and so are the white walkers, who will send an army of malicious emails and links to your inbox to compromise your system and steal your credentials. Phishing attacks are not new; they have been around for more than two decades and are still the most common attack strategy used by scammers. One factor behind their high success rate is the social engineering behind them, which preys on human emotions and trust. This blog reveals the top phishing trends of 2021 and lists techniques for avoiding them.
Use of ‘Initial Access Brokers’
Initial Access Brokers (IAB) have gained more popularity recently with a rising trend of Ransomware-as-a-Service (RaaS). IABs are financially motivated individuals with the sole purpose of securing access to corporate networks and selling it to the highest bidder in the market. These include access to banks, medical records, organizations, and more.
Since 2020, there has been a sudden increase in the sale of such access, driven primarily by the larger remote workforce created by the pandemic and by a rise in cyberattacks against organizations that had invested little in security infrastructure. The use of access brokers by ransomware groups has demonstrated the demand on underground forums, motivating cybercriminals to look for vulnerabilities and footholds they can sell to the best buyer.
Impersonating an insider to phish employees
Companies that use social media for branding and marketing disclose a great deal of information to the public, including employee contact details and email addresses. Phishers use social engineering techniques to trick employees into believing a message comes from their CEO or VP.
People remain the asset most easily duped by attackers seeking to compromise an organization’s security. Employees should refrain from sharing personal information or executing financial transactions if an email or text sounds fraudulent. Always double-check texts and emails, especially when working remotely.
Phishing via text message – Smishing!
We are all aware of spam and fraudulent emails, but we are not yet well trained to mitigate phishing via text messaging. To send messages in bulk, phishers set up a gateway system similar to an email server; the spoofed messages are difficult to identify, and you cannot tell whether they were sent from India or from a mail server in the United States.
Be watchful of ‘typosquatting,’ a technique in which phishers exploit a lack of user awareness and technical controls by replacing characters in a legitimate domain name with look-alike characters, deceiving the user into trusting the fake domain. For example, fake domain names may be written as ‘g00gle.com’ or ‘goo1e.com’, with the font chosen to make them look real. Always read domain names carefully and check website security by copy-pasting the URL into your browser rather than clicking the link.
Targeted spear-phishing against small organizations
Spear phishing is a technique that involves creating a personalized email and sending it to a user who will trust it because it appears to be from someone they know. Cybercriminals will conduct research on the employees of small businesses before sending them an email enticing them to click on a link or open an attachment.
Large corporations have multiple backups and data redundancies that allow them to switch from one network to another in the event of a ransomware attack, avoiding a total blackout. Small businesses lack backup and security architecture, making it impossible for them to refuse demands from hackers. The open rate of a generic phishing campaign is around 20%, but when the email is personalized based on extensive employee research for a targeted phishing campaign, the open rate exceeds 75%.
Proper training in simulated environments can reduce open and click rates. Attachments in phishing emails, particularly Word, Excel, PDF, and PowerPoint files, may adversely impact your system’s security. If an email appears suspicious, do not open the attachment.
Business Email Compromise (BEC) monetization
Even if your organization is well equipped with cybersecurity tools, compliant data security systems, and end-user security awareness campaigns, unknowingly downloading malware or clicking on a link sent via a phishing email can infect your organization with ransomware or cause a data breach through a business email compromise (BEC).
According to the Terranova Security Gone Phishing Tournament, more than 20% of employees are likely to click on phishing email links, and an astounding 67.5 per cent of those go on to visit the phishing website and enter their credentials. BEC results in the loss of corporate funds, exposure of personal and client information, unavoidable damage to the company’s reputation, and loss of access to the network.
When dealing with vendors or customers, a phisher may send you an email spoofing the client with whom you are dealing. Double-check the email and domain name before responding or taking any further action. In most cases, phishing emails use domain names that differ only slightly from the real ones. For example, if the real domain name is ‘abc.com,’ a phisher will use ‘abctech.com’ while keeping all other details the same. As a result, when conducting financial transactions, go the extra mile and verify the company’s domain name.
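A sender-domain check that covers both tricks described in this post, the look-alike characters of ‘g00gle.com’ and ‘goo1e.com’ under typosquatting above and the bolted-on name of ‘abctech.com’ here. This is an added example, not code from the original post; the allow-list, the sender addresses and the homoglyph table are constructed assumptions, and a ‘lookalike’ verdict is a trigger for manual verification rather than proof of fraud.

```python
from email.utils import parseaddr

# Constructed allow-list of domains this organization actually deals with.
TRUSTED_DOMAINS = {"google.com", "abc.com"}
# Single characters attackers swap in because they render almost identically.
HOMOGLYPHS = str.maketrans("0135789", "olestbg")

def fold(label: str) -> str:
    """Fold look-alike characters so 'g00gle' compares equal to 'google'."""
    return label.lower().replace("rn", "m").replace("vv", "w").translate(HOMOGLYPHS)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches one dropped or altered letter ('goo1e')."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registrable_label(domain: str) -> str:
    """'abctech' from 'mail.abctech.com'. Assumes a one-part TLD (no .co.uk)."""
    parts = domain.lower().strip().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]

def classify_sender(address: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a From: header value."""
    _, addr = parseaddr(address)
    if "@" not in addr:
        return "unknown"
    domain = addr.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    label = registrable_label(domain)
    for trusted in TRUSTED_DOMAINS:
        t_label = registrable_label(trusted)
        # Near-identical once look-alikes are folded: g00gle.com, goo1e.com.
        if edit_distance(fold(label), t_label) <= 1:
            return "lookalike"
        # Trusted name buried inside a longer one: abctech.com, abc-payments.com.
        if t_label in label:
            return "lookalike"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample senders, as they might appear in a From: header.
    for s in ("CEO <boss@abc.com>", "billing@abctech.com", "alerts@g00gle.com"):
        print(s, "->", classify_sender(s))
```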
A reliable endpoint security solution that filters out spam and phishing emails is the best defence. Your best offence is to educate employees and raise awareness through a simulated phishing environment, which provides learning potential while also being a cost-effective way to implement cyber security in your organization.
If you require security solutions that are tailored to your organization’s demands and the degree of security needed, Rahi can help in transforming and enhancing your infrastructure adoption for security with our unique strategy that involves cyber threat assessment, security planning, penetration testing, solution implementation, and advanced cyber threat monitoring.