Phishing has been and always will be a major threat to cybersecurity. Criminals are well aware that the weakest link in any data security solution is the people that very solution is trying to protect. So, it’s no surprise that phishing attacks are on the rise.
From January to June of this year, Webroot saw a 60% increase in phishing attempts. Unfortunately, this is because phishing continues to be an effective method of infiltrating corporate networks. With just a single employee taking the bait, hackers can easily obtain valuable information, such as credentials and corporate data.
This mode of attack is used to spread malware, such as cryptojackers, ransomware, and Trojans. One particularly nasty threat that’s seeing some recent play is Emotet. Emotet is one of the first botnets to spread banking Trojans laterally within infected networks, making it difficult to remove. Once this botnet sinks its teeth into a network, it gets to work fast. Emotet increases the numbers in its spam botnet and focuses on gathering credentials to increase its resilience. Currently, Emotet is able to turn routers into proxy nodes, which are unlikely to be discovered by the owners of the routers. After setting up camp within a network, Emotet steals payloads of information (passwords, bank account info, and more) at ridiculous speeds, suggesting automation within these attacks.
So, how can users do their part and avoid being tricked into infecting their networks? The most important thing employees can do is to be vigilant. Stay wise to common campaigns: for example, current ones imitate PayPal receipts, shipping notifications, and “past-due” invoices. Even if the message seems normal, pay special attention to the details of whoever sent it, because it might not actually be from PayPal. Is the email domain trustworthy? That email from your “boss” may be in your junk folder for good reason, and you most likely don’t need to buy $1000s of iTunes cards.
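The sender check described above can also be run automatically at the mail gateway or in a triage script. The following is an added example, not part of the original article: it flags a message whose display name claims a brand or an internal name while the address belongs to another domain. The allowlist, the boss's name, the `example.com` corporate domain and the sample messages are all assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed allowlist: brand keyword -> domains treated as genuine for it.
BRAND_DOMAINS = {"paypal": {"paypal.com"}}
# Assumed directory: internal display name -> corporate domain (hypothetical).
INTERNAL_NAMES = {"dana reyes": "example.com"}

# Constructed sample messages (not real mail).
SAMPLES = {
    "receipt": "From: PayPal Service <service@paypal.com.billing-alerts.test>\n"
               "Subject: Receipt for your payment\n\nSee attached invoice.",
    "boss": "From: Dana Reyes <dana.reyes.ceo@mailbox.test>\n"
            "Reply-To: dana@fastmail.test\n"
            "Subject: Need iTunes cards today\n\nAre you at your desk?",
    "genuine": "From: PayPal <service@paypal.com>\nSubject: Receipt\n\nThanks.",
}

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower().rstrip(".") if "@" in addr else ""

def in_domain(domain, allowed):
    # Exact match or a true subdomain; "paypal.com.evil.test" must not pass.
    return any(domain == a or domain.endswith("." + a) for a in allowed)

def sender_findings(raw):
    """Return a list of reasons the visible sender looks inconsistent."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    dom, lowered, findings = domain_of(addr), name.lower().strip(), []
    for brand, allowed in BRAND_DOMAINS.items():
        # Brand named in the display name or domain, but domain not the brand's.
        if (brand in lowered or brand in dom) and not in_domain(dom, allowed):
            findings.append(f"brand '{brand}' claimed but sender domain is {dom}")
    expected = INTERNAL_NAMES.get(lowered)
    if expected and not in_domain(dom, {expected}):
        findings.append(f"internal name '{name}' sent from external domain {dom}")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != dom:
        findings.append(f"Reply-To domain {domain_of(reply)} differs from {dom}")
    return findings

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, sender_findings(raw) or "no findings")
```

The From header is set by the sender, so an empty result only means the visible name and address are consistent with each other; whether the domain itself is authentic is what SPF, DKIM and DMARC results establish.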
Don’t be fooled by impostors. If you find a suspicious email with mysterious invoices or attachments, do not open them – delete them. If you’re unsure whether a message is legitimate or not, contact your IT department or call the other party involved to ensure your own safety. Cybersecurity works, as long as everyone does their part and stays vigilant.