Security Awareness On GoDaddy Employee Phishing Scheme Jeopardized Escrow.com, Among Others

In response to the recent Krebs On Security report that indicates a spear-phishing attack hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, a cybersecurity expert offers perspective.

Subscribe
Notify of
guest

1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
InfoSec Expert
April 2, 2020 6:34 pm

The attackers behind this incident were quite blasé about their intentions and methods and wanted to showcase what they had achieved. Had they been more subtle, they could have caused far more damage.

But the real story here is that wasn\’t a technical issue that led to the breach, but rather a spear phishing attack. It is why social engineering as a whole remains the most popular attack method because of the high return on investment and success rate.

It is important that organizations of all sizes and across all verticals provide effective and timely security awareness and training to employees. This includes regular use of simulated phishing to get employees used to spotting them and being able to report them to IT for further investigation and response.

Last edited 2 years ago by Javvad Malik
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x