Security News > 2021 > August > Increase in credential phishing and brute force attacks causing financial and reputational damage
Key findings 32.5% of all companies were targeted by brute force attacks in early June 2021.
73% of all advanced threats were credential phishing attacks.
Credential phishing and brute force attacks surging.
Over the course of the quarter, researchers saw a significant increase in credential phishing, as well as brute force attacks, which are used to obtain personal information such as passwords, passphrases and usernames through a string of continuous, automated attempts.
"Socially-engineered attacks are dramatically rising within enterprises, worldwide, creating unprecedented financial and reputational risks," said Evan Reiser, CEO, Abnormal Security.
"These never-before-seen attacks are becoming more sophisticated with every passing day. They don't contain indicators of compromise, such as links, attachments and reputational risks, so they evade secure email gateways and other traditional email infrastructure, landing in inboxes where unsuspecting employees fall victim to their schemes, which include ransomware. In order to effectively protect against these attacks, we can no longer rely only upon established threat intelligence."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/w-TiwC5TThk/
Related news
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- How financial institutions can minimize their attack surface (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)