Today we’re highlighting attack methods and the one we want to put the limelight on is “phishing” As per the norm, let’s quickly take a look at our threat intel dashboard.
Alright, so there are two things one needs to observe here. “Phishing” is
- The second most referenced attack method in the last seven days.
- The third most popular attack method for the previous two months.
Why is phishing so dangerous?
Phishing has become smarter now than ever before. When it comes to this new wave of phishing attacks, the following two methods are on the rise:
- Clone phishing: The hackers intercept an email from the executive of their target company. Following that, they clone the email and send it to the employees to extract confidential information.
- Spear phishing: This is a more precise form of phishing attacks. The attacker learns of the victim’s personal information and uses it to communicate with their network.
To get a complete picture of what SOC teams are dealing with daily, consider the following numbers:
- 65% of attacker groups used spear phishing as the primary infection vector.
- 32% of the data breaches involve phishing.
- 59% of the phishing attacks in the Americas are related to finance.
- 71.4% of targeted attacks involved the use of spear-phishing emails.
- 74% of cyber-espionage actions within the public sector involved phishing.
Exploring phishing attacks with KNOW
When you click on “phishing,” you will get redirected to the page above in the dashboard. What you see here are all the articles collated by KNOW in this category. As you can see, the hottest news as of writing is about Google and Amazon being the two most imitated brands for phishing.
However, we want you to focus your attention on the top right corner. KNOW gives you an option to follow the “Operation Kitty Phishing” campaign. This campaign’s main goal its target the government and defense sectors, which a special focus on South Korean users. It uses phishing emails with a zip attachment containing two remote access Trojans disguised as Hangul Word Processor (HWP) documents.
Upon clicking the top-right story card, you will see all the info collated by KNOW about this particular campaign.
As you can see, we picked up 19 references throughout the web on this particular campaign.
Netenrich Threat + Attack Surface Intelligence
KNOW is Netenrich’s Threat Intel Platform that extracts data from billions of data points and correlates relevant intel and expert analyst insights to help you follow, search, and act—in a fraction of the time it takes now. If you want to know more about KNOW then read this.
However, Netenrich’s offering isn’t just limited to threat intelligence. We offer a powerful combination of threat and attack surface intelligence. This combo helps SecOps to:
- Find hidden risks to your brand on the public Internet
- Stay informed about threats in minutes versus hours
- Act on the most critical threats first.
- Reduce effort and alert fatigue.
- Measure and demonstrate value.
If you want to know more about Netenrich’s Attack Surface Intelligence (ASI), click here.
Subscribe To Our Newsletter!
The best source of information for Security, Networks, Cloud, and ITOps best practices. Join us.
Thank you for subscribing!
