Carl Leonard, senior security research manager, Websense, sat down to talk to IT in Canada about the latest phishing strategies.
“There’s well over 200 million users of LinkedIn,” Leonard pointed out, as he spoke of phishers’ social engineering tactics. “Each LinkedIn user probably has around 200 or more connections. Lots of people are very used to seeing those sorts of invitations. It’s a very popular, legitimate subject line that phishers are abusing.”
Though the company predicts that the volume of phishing attacks in the coming year will be low, attackers will be choosing their targets with more care. More than ever, people are aware that they need to exercise caution when opening emails from unknown senders, which means that wide-scale phishing expeditions will no longer yield the same results they used to.
“Banking phish has declined,” said Leonard, “but in its place, more advanced methods are being used to target end users. We’re seeing more targeted, low-volume spear phishing, whereby the phisher selects his targets and goes after individuals that are most likely to be the gatekeepers with an organization.”
Leonard listed CFMs, IT administrators, and receptionists and personal assistants as likely targets, adding that these types of attacks are harder to protect against.
The company also listed the top ten countries that host phishing sites: China, the United States, Germany, the United Kingdom, Canada, Russia, France, Hong Kong, the Netherlands, and Brazil. Canada is number five on the list – it would appear that Canada is the fifth-most targeted country in the world.
“There’s a great deal of well-established infrastructure [in these countries],” said Leonard. “With the affluence of those countries and the fact that the end users are probably going to be operating in the global level in some way… the malware authors see individuals in these countries as good targets for data that they can trade. It’s also a foot in the door for them to breach an organization and possibly target other organizations.”
To counter these attacks, users must exercise caution when opening any emails they receive.
“End users must be very careful about even opening emails,” said Leonard. “We’ve seen some mail automatically download content, so we have to assume that the end user is not going to notice that and realize that could happen.
“They also have to be careful of attachments. Is LinkedIn really going to send you a PDF of someone’s profile for your convenience? Probably not – they’re probably going to want you to go to their website instead.
“Also, the link that’s in the mail has to be treated with suspicion. It might not be so obvious, but behind the scenes, if you click on that URL link, the malware will redirect you around the web before delivering that malicious payload to you.”
In the event that a user does receive a suspicious email, he or she should go to LinkedIn’s site to verify whether or not someone is, in fact, attempting to connect with him or her.