Expert Insight On Slack Phishing Attacks Using Webhooks

By   ISBuzz Team
Writer , Information Security Buzz | Apr 17, 2020 05:15 am PST

AT&T Alien Labs recently conducted research into how webhooks in Slack can lead to some pretty convincing phishing attacks.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
InfoSec Leader
April 17, 2020 1:16 pm

This is an interesting attack vector against Slack which is among the few popular messaging tools used in organisations. The concerning aspect about this is that people tend to lower their guard when receiving links on messaging platforms, and in particular when on mobile devices. All this combined can lead to a great increase in the likelihood of a spearphishing attack being successful. It is why employees need to be wary of phishing attacks not just from email, but all social media platforms. In addition, organisations should have threat detection and response controls in place so that in the event an employee does fall victim to a phishing attack, it can be quickly identified and remediated before becoming a widespread incident.

Last edited 3 years ago by Javvad Malik

Recent Posts

Would love your thoughts, please comment.x