Expert Analysis On Most Sophisticated Phishing Techniques Using Brand Impersonation

By   ISBuzz Team
Writer , Information Security Buzz | Feb 10, 2020 02:19 am PST

Cybercriminals are employing the most sophisticated phishing techniques using brand impersonation, social engineering and phishing to lure in victims to take over their email accounts according to a study by Researchers from Barracuda and UC Berkeley.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Robert Capps
February 10, 2020 10:21 am

Attacks happen in phases and this report does a good job following them. Account takeover attacks start with the theft of the credentials, either through a system breach, malware, or phishing. There are three broad phases for an attack: gathering the data, testing the data, and monetizing the data. No single fraudster is skilled at all three phases, forcing them to collaborate and leverage each other’s resources. Phishing emails trick victims into clicking on links or on documents that appear legitimate, only to automatically download key loggers or other malware tools used to harvest credentials. Because of the different stages of fraud, we often see time gaps between one step and the next, such as between a successful login into one account and the time when there was malicious activity in the account. Similarly, bad actors use software to attack multiple accounts within seconds, using the cloud or hijacked home computers to originate these attacks, to blend their traffic in to the general internet flow. Technologies that have visibility into these suspicious activities within an account, such as behavioral and device intelligence technologies, can mitigate the attacks before they create any damage for the account owner or the company.

Last edited 4 years ago by Robert Capps

Recent Posts

Would love your thoughts, please comment.x