As fear of the coronavirus continues to spread across the world, cybercriminals take advantage of the topic to send phishing emails using a variety of tactics and a wide range of targets.
Some phishing campaigns are incorporating fake domains designed to resemble the US Centers for Disease Control and Prevention and the World Health Organization (WHO).
Phishing is one of the most common and effective methods of getting information from careless users, and cybercriminals know this. The simple, low-tech method exploits human emotions, such as fear, to trick innocent users and trick them into clicking malicious links.
In 2019, the number of phishing pages in Brazil had a record growth of more than 231%. In addition to activities in this standard and leakage of credentials (emails with a password) and credit cards, the number of passwords leaked from organizations with .br domains is notorious: 23.6 million unique credentials were detected, with "123456" being the password most common with 37.65 million detections in the world.
Since 2013, more than $ 12.6 billion dollars have been stolen through global corporate email losses, known as "CEO fraud"; in 2018 approximately $ 5,000 dollars worth of scams reported by one in 10 consumers, 190% of phishing attacks against social network users and 66% of malware installed via malicious email attachments, purchase orders, fake payments, invoices and receipts.
O phishing has several forms, but below are the most common:
- Mass phishing the predominant form. Hackers send thousands of fraudulent messages to a large user base, aiming for quantity above quality. Mass phishing can capture significant amounts of information, even if only a small percentage of recipients fall for the scam.
- O spear phishing it targets a specific person or function in the company. Cybercriminals research and analyze their victims, gathering personal data on social media before orchestrating the attack. Typically, spear phishing is used as a first step to gain access to corporate resources, networks and more.
- O DNS hijacking It is very difficult to detect. The normally unsafe home router domain name service is hacked to redirect traffic to carefully created phishing website IP addresses. Unsuspecting users type the domain address into their browsers and hand over their credentials. A DNS hack like this occurred with Itau and Banco do Brasil in 2018.
- And finally, the so-called Tech support scams they are a particularly harmful form of phishing for operators. Phishers impersonate operators and ask customers for account credentials or attempt to sell fake technical support services and steal credit card details. These scams can damage the reputation of companies and tarnish the image of brands, for example.
When you look at the path a phishing attack takes, there are two very clear scenarios in which malicious behavior can be mitigated. The first situation is based on Endpoint Security agents that continuously scan and block malicious messages, but it is up to users to install and update the software.
The effectiveness of this type of solution is beyond the control of the operators and has extremely low adoption rates. Ideally, operators can protect customers who become victims by clicking on malicious links with a network-based security solution.
These solutions do not require users to take any action and offer opportunities for engagement and high adoption rates. By embracing the nudity of protection and educating customers, operators can contribute to reducing the incidence of cybercrime and making the Internet a safer place for consumers.
Unfortunately it seems that such an initiative on the part of operators has not been taking place, given the enormous growth of these types of attacks. It seems that we are in yet another case of the good old "each for himself and God for all". It shouldn't be like that, but.
So see the 10 tips to protect yourself from phishing attacks right now!