In this series we will examine 3 common phishing attacks; Credential Stealing, Exploit Kits and Malicious attachments.
Phishing is a method used to gain access to or gather personal or financial information from victims that requires an action on their part.
Phishing is the #1 cause of compromise. 30% of phishing emails get opened and 12% of those click on the link or attachment.
While not typically thought of as a phishing attack this type of activity relies on the vulnerabilities in browsers and outdated devices. Here is how an exploit kit works:
- The victim opens an email with a link
- The victim clicks the link and unknowingly visits a malicious page with an exploit kit.
- The exploit kit then compromises the victim’s out of date browser and downloads the malware
- Now the device is infected and the malware can steal passwords and other personal information. Or it may encrypt all the data and demand a ransom. Once the crook has taken control of a system it may use it as a botnet for further attacks or cryptomining.
Exploit kits can be embedded in ads in legitimate websites so there is an element of danger in just surfing the web. Crooks may entice their victims to click on a link with a headline that can’t be resisted such as “Remember this star from the 80s? You won’t believe how she looks today!” This type of clickbait can be very damaging by way of spreading false, unsupported and useless information and can also contain some form of exploit.
Here are some tips to avoid becoming a victim:
- Don’t click on links in emails
- Make sure your browser and devices are patched with the latest updates.
- Install anti-virus and keep it up to date
- Beware of malvertising campaigns