Expert Insight On Slack Phishing Attacks Using Webhooks

AT&T Alien Labs recently conducted research into how webhooks in Slack can lead to some pretty convincing phishing attacks.

Experts Comments

April 17, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
This is an interesting attack vector against Slack which is among the few popular messaging tools used in organisations. The concerning aspect about this is that people tend to lower their guard when receiving links on messaging platforms, and in particular when on mobile devices. All this combined can lead to a great increase in the likelihood of a spearphishing attack being successful. It is why employees need to be wary of phishing attacks not just from email, but all social media platforms. .....Read More
This is an interesting attack vector against Slack which is among the few popular messaging tools used in organisations. The concerning aspect about this is that people tend to lower their guard when receiving links on messaging platforms, and in particular when on mobile devices. All this combined can lead to a great increase in the likelihood of a spearphishing attack being successful. It is why employees need to be wary of phishing attacks not just from email, but all social media platforms. In addition, organisations should have threat detection and response controls in place so that in the event an employee does fall victim to a phishing attack, it can be quickly identified and remediated before becoming a widespread incident.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.