Security News
Some 84% of phishing URLs seen by content delivery network Akamai were abusing media and e-commerce companies. Phishing attacks try to trick unsuspecting users by mimicking well-known brands and companies.
Over four months, it found 1,221 active phishing domains that were not part of the Akamai ecosystem but which either consumed data from or redirected victims to Akamai customer sites. "More importantly, we got a clear understanding on the number of victims, and such visibility is rarely published." Since he only used a sample dataset from the Akamai logs, he believes the true number of phishing sites using resources through Akamai is much higher.
Recently discovered spear-phishing emails are using a unique "Scare-factor" lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. "But they should never lead us to fall victim to phishing campaign. Threat actors regularly use purported health information in their phishing lures because it evokes an emotional response that is particularly effective in tricking potential victims to open malicious attachments or click malicious links."
Recently discovered spear-phishing emails are using a unique "Scare-factor" lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. "But they should never lead us to fall victim to phishing campaign. Threat actors regularly use purported health information in their phishing lures because it evokes an emotional response that is particularly effective in tricking potential victims to open malicious attachments or click malicious links."
A phishing campaign was recently discovered leveraging OneNote, Microsoft's digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims' systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that either delivered the credential-stealing Agent Tesla keylogger or linked to a phishing page - or both.
We are seeing phishing being threat number one, which leads to the human element here at this conference. Microsoft being the biggest target of phishing here in order to target companies and MSPs. There is an industrialization of what they are doing.
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.
This week we discuss the stalkerware app that spilled bucketloads of ultrapersonal data, a double-whammy ransomware attack on a homeless charity, and an Amazon Prime-themed phishing attack with a skull-and-crossbones twist. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.
The total number of phishing sites detected by the Anti-Phishing Working Group worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019. APWG contributor OpSec Security saw attacks against more than 325 different brands per month in Q4. Stefanie Wood Ellis, Anti-Fraud Product & Marketing Manager at OpSec Security, noted that the most frequent targets of phishing attacks continued to be Webmail, payment, and bank sites, but that "Phishing against Social Media targets grew every quarter of the year, doubling over the course of 2019.".
"Phishing continues to be one of the primary breach vectors in the healthcare industry. It is cheap, effective and profitable to the cyber-criminal element," says Rich Curtiss, director of healthcare risk assurance services at security consultancy Coalfire. "Health records command a hefty price on the 'dark web' and are relatively easy to acquire through phishing attacks. Phishing is an organizational threat and not an IT problem. Addressing the threat must be a strategic imperative and, to be truly effective, must be part of the organizational culture."