Cybersecurity Expert On Cisco Webex Phishing Uses Fake Cert Errors To Steal Credentials

In response to reports of new phishing attacks using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users’ account credential, a cybersecurity expert offers perspective.

Subscribe
Notify of
guest
2 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Robert Ramsden Board
InfoSec Expert
May 8, 2020 3:22 pm

Our research has seen a rise in convincing phishing attacks targeting people working from home. Cybercriminals are increasingly using typo-squat variants of domains relating to COVID-19 as organisations have not been able to proactively monitor or block these harmful social engineering techniques for fear of not communicating vital and valid information about the pandemic. This challenge becomes even more complicated when considering cloned sites of trusted vendors such as Cisco Webex. We recommend that organisations enable use cases that track increased activity to newly registered domains or rare in order to identify early indicators of suspicious activity. This technique would help protect against this particular threat as the domain was recently registered in the Czech Republic. By flagging potentially malicious links from suspicious locations you can greatly reduce the chance of falling victim to social engineering techniques such as phishing. As more people work from home we will most likely see this become a sinister trend and security teams should stay a step ahead in order to reduce the impact of this activity.

Last edited 2 years ago by Robert Ramsden Board
James McQuiggan
James McQuiggan , Security Awareness Advocate
InfoSec Expert
May 8, 2020 3:10 pm

Criminal groups prey on their victims using urgent requests and fear to get their users to click on a link and entice them to log in on a fake website, all the while, stealing their credentials. This tactic is successful due to the reason that the target may not be aware of the nature of phishing links and to check the email address of the sender.

A common rule of thumb is if an email is requesting the user to login and correct an issue, launch the website, and use a saved bookmark link or a quick Google search for the product. Log in and verify if the information is accurate. Most of the time, it\’s not and just a way for the attacker to gain access to the victim\’s credentials.

Organizations will want to have proper and timely security awareness and training for all employees. This way, they can spot and report any phishing attempts.

Last edited 2 years ago by James McQuiggan
2
0
Would love your thoughts, please comment.x
()
x