Subscribe To Our Newsletter!

Stay up to date on the top trending threats as well as the top stories in Security, Networks, Cloud, IT Ops & AIOps.

KNOW your Attack Method of the Week: Phishing

This attack method is responsible for 32% of the world’s data breaches.

Post by Rajarshi Mitra In Security on Sep 10, 2020

Today we’re highlighting attack methods and the one we want to put the limelight on is “phishing” As per the norm, let’s quickly take a look at our threat intel dashboard.

Alright, so there are two things one needs to observe here. “Phishing” is

  • The second most referenced attack method in the last seven days.
  • The third most popular attack method for the previous two months.

Why is phishing so dangerous?

Phishing has become smarter now than ever before. When it comes to this new wave of phishing attacks, the following two methods are on the rise:

  • Clone phishing: The hackers intercept an email from the executive of their target company. Following that, they clone the email and send it to the employees to extract confidential information.
  • Spear phishing: This is a more precise form of phishing attacks. The attacker learns of the victim’s personal information and uses it to communicate with their network.

To get a complete picture of what SOC teams are dealing with daily, consider the following numbers:

  • 65% of attacker groups used spear phishing as the primary infection vector.
  • 32% of the data breaches involve phishing.
  • 59% of the phishing attacks in the Americas are related to finance.
  • 71.4% of targeted attacks involved the use of spear-phishing emails.
  • 74% of cyber-espionage actions within the public sector involved phishing.

Exploring phishing attacks with KNOW

phishing

When you click on “phishing,” you will get redirected to the page above in the dashboard. What you see here are all the articles collated by KNOW in this category. As you can see, the hottest news as of writing is about Google and Amazon being the two most imitated brands for phishing.

However, we want you to focus your attention on the top right corner. KNOW gives you an option to follow the “Operation Kitty Phishing” campaign. This campaign’s main goal its target the government and defense sectors, which a special focus on South Korean users. It uses phishing emails with a zip attachment containing two remote access Trojans disguised as Hangul Word Processor (HWP) documents.

Upon clicking the top-right story card, you will see all the info collated by KNOW about this particular campaign.

phishing

As you can see, we picked up 19 references throughout the web on this particular campaign.

Netenrich Threat + Attack Surface Intelligence

KNOW is Netenrich’s Threat Intel Platform that extracts data from billions of data points and correlates relevant intel and expert analyst insights to help you follow, search, and act—in a fraction of the time it takes now. If you want to know more about KNOW then read this.

However, Netenrich’s offering isn’t just limited to threat intelligence. We offer a powerful combination of threat and attack surface intelligence. This combo helps SecOps to:

  • Find hidden risks to your brand on the public Internet
  • Stay informed about threats in minutes versus hours
  • Act on the most critical threats first.
  • Reduce effort and alert fatigue.
  • Measure and demonstrate value.

If you want to know more about Netenrich’s Attack Surface Intelligence (ASI), click here.

CONNECT WITH US

About Author

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat, catching up on the latest Netflix docu-series.....or watching Harry Potter for the 5781241516th time.