
How credential phishing attacks threaten a wide range of industries and organizations


According to Abnormal Security, the first half of 2022 saw a 48 percent increase in email attacks compared to the previous six months, with nearly 70 percent of them containing a credential phishing link.


Credential phishing campaigns have grown not only in number but also in sophistication. Using advanced tactics, successful cybercriminals can impersonate well-known companies and brands to collect sensitive account login information from unsuspecting victims. A report released Thursday by email security provider Abnormal Security reviews the latest wave of credential phishing attacks and offers advice on how to prevent them.

What is a credential phishing attack?

Ordinary phishing emails are often a prelude to credential phishing attacks aimed at infiltrating employee accounts. Once an attacker gains access to an internal account through stolen credentials, they can launch more devastating and dangerous attacks against the entire network.

In the first half of 2022, email attacks against organizations increased by 48 percent, according to the report. Of all those attacks, 68% were credential phishing attempts that contained a link designed to steal sensitive account information. At the same time, 265 different brands were impersonated in the phishing emails.


Brands most likely to be spoofed in a phishing attack

A fake LinkedIn credential phishing email. Image: Abnormal Security

Social networks, Microsoft products, e-commerce, and shipping providers are the most commonly impersonated categories, accounting for 70% of all brands impersonated. Of the more than 425,000 credential phishing attacks in which a brand was impersonated during this time, 32% involved social networks, with LinkedIn at the top of the list.

LinkedIn is an attractive target for spoofing because the site often sends email updates about your resume, your job search results, and other topics. Since LinkedIn users are comfortable receiving these emails, it is easier for cybercriminals to send messages with links to phishing sites.

Microsoft was the second most spoofed brand in the first half of 2022, with products like Microsoft 365, Outlook and OneDrive appearing in phishing messages. Microsoft is a popular target because it offers so many different products and services and is used by both businesses and individuals. Once a Microsoft-related account is compromised, an attacker can use those credentials to impersonate the actual employee, launch other email attacks, hijack email conversations, and request money transfers.

Tied for third place in phishing attacks are shipping services and e-commerce platforms, which account for 16% of credential phishing messages. As the COVID-19 pandemic began, online shopping grew by more than 50% from 2019 to 2021, making companies like Amazon a popular target for criminals looking to steal sensitive credentials.

No industry is immune to a credential phishing campaign. The attacks analyzed by Abnormal Security were sent to a wide range of organizations, including those in the advertising, agriculture, construction, energy, financial, government, media, medical, education, real estate, retail, sports, technology and transportation sectors. While the tactics used against different industries may be similar, the brands being spoofed are often different.

A fake Microsoft credential phishing email. Image: Abnormal Security

Fake Microsoft emails appear in more than half of all phishing messages received by professional sports teams and in nearly half of messages received by agricultural companies. But social media brands are the most popular in attacks against government agencies, educational and religious institutions and entertainment companies. Fake LinkedIn, Facebook, Instagram and Twitter emails were seen in more than half of the attacks targeting these industries.


How to protect your organization against credential phishing attacks

“While security awareness training remains an important tool in the cybersecurity toolkit, the best way to prevent your workforce from falling victim to attacks is increasingly to stop them before they reach employees,” Abnormal Security said in its report.

The report adds: “Being proactive in protecting and leveraging innovative technologies is key to reducing your organization’s risk. No one is denying that email attacks will continue to increase in both number and severity, but they can be prevented with the right solution, one that uses a behavior-based approach, relies on AI and assesses identity, context, and content to establish a known baseline. By understanding what is normal in an organization, the right cloud email solution can block any messages that deviate from it.”


