Security Awareness On GoDaddy Employee Phishing Scheme Jeopardized Escrow.com, Among Others

In response to the recent Krebs On Security report that indicates a spear-phishing attack hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, a cybersecurity expert offers perspective.

Experts Comments

April 02, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
The attackers behind this incident were quite blasé about their intentions and methods and wanted to showcase what they had achieved. Had they been more subtle, they could have caused far more damage. But the real story here is that wasn't a technical issue that led to the breach, but rather a spear phishing attack. It is why social engineering as a whole remains the most popular attack method because of the high return on investment and success rate. It is important that organizations of.....Read More
The attackers behind this incident were quite blasé about their intentions and methods and wanted to showcase what they had achieved. Had they been more subtle, they could have caused far more damage. But the real story here is that wasn't a technical issue that led to the breach, but rather a spear phishing attack. It is why social engineering as a whole remains the most popular attack method because of the high return on investment and success rate. It is important that organizations of all sizes and across all verticals provide effective and timely security awareness and training to employees. This includes regular use of simulated phishing to get employees used to spotting them and being able to report them to IT for further investigation and response.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.