92% of phishing attacks go through email: email remains the main loophole for phishers

Government agencies, defense companies, and education are the main targets of phishing.

Positive Technologies experts analyzed phishing attacks on organizations in 2022-2023 and identified the main trends and threats. The study was presented at the Ural Forum "Cybersecurity in Finance".

According to the study, attackers most often use phishing to obtain data (85% of attacks) and for financial gain (26%). Stolen information can be sold on the dark web or used for espionage. Hacktivists, who seek to harm their victims for political or ideological reasons, are especially active among the attackers.

The study says that "phishing as a service" has become common practice; experts predicted such a spread of cybercrime services several years ago. Today this business model is used by professional APT groups and experienced lone attackers, as well as by beginners without special knowledge or skills. According to an analysis of dark web messengers and forums that mentioned social engineering, the most popular categories of requests and offers were ready-made phishing projects, tools for conducting phishing attacks, and services for developing phishing pages.

Most phishing attacks are carried out via email (92%), but attackers also use instant messengers (8%) and SMS (3%). They often pose as managers or employees of the target organization, for which they only need the person's name and photo. The most popular trick is to impersonate contractors (26% of attacks): the phishers send fake documents purportedly related to work with contractors.

"We see automation of attack processes using AI tools as the main vector of phishing development," says Alexey Lukatsky, information security business consultant at Positive Technologies. "They are gaining more and more popularity and are used both by attackers (to prepare and carry out phishing attacks) and by information security specialists (to counter cyber threats). With the help of AI, cybercriminals maintain a meaningful dialogue with the victim, generate convincing phishing messages, and create deepfakes of voices, images, and videos."

A popular attack scenario is impersonating an organization's manager or employee through various communication channels. To create a fake profile for sending malicious messages, an attacker only needs to know the name of the head or an employee of the victim organization and have their photos. The most frequent victims of phishing are government institutions (44% of attacks with an industry focus), defense enterprises (19%), and organizations in science and education (14%). To protect against phishing, the experts recommend training employees, using reputation mechanisms and solutions of the EDR, SWG, NGFW and SASE classes, email sandboxes, and the anti-phishing mechanisms built into browsers, as well as vulnerability management (VM) and SIEM systems. It is also important to follow the principles of digital hygiene on all devices.