One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8480017 |
| Date de publication | 2024-04-11 06:23:43 (vue: 2024-04-11 14:08:16) |
| Titre | FAQS de l'état de l'État 2024 du rapport Phish, partie 1: Le paysage des menaces FAQs from the 2024 State of the Phish Report, Part 1: The Threat Landscape |
| Texte | In this two-part blog series, we will address many of the frequently asked questions submitted by attendees. In our first installment, we address questions related to the threat landscape. Understanding the threat landscape is paramount in crafting a human-centric security strategy. That\'s the goal behind our 10th annual State of the Phish report. When you know what threats are out there and how people are interacting with them, you can create a modern cybersecurity strategy that puts the complexity of human behavior and interaction at the forefront. Our report was launched a month ago. Since then, we\'ve followed up with a few webinars to discuss key findings from the report, including: Threat landscape findings: Over 1 million phishing threats involved EvilProxy, which bypasses multifactor authentication (MFA). Yet, 89% of security pros still believe that MFA provides complete protection against account takeover. BEC threat actors benefit from generative AI. Proofpoint detected and stopped over 66 million targeted business email compromise (BEC) attacks per month on average in 2023. User behavior and attitude findings: 71% of surveyed users took at least one risky action, and 96% of them knew that those actions were associated with risk. 58% of those risky actions were related to social engineering tactics. 85% of security pros believed that most employees know they are responsible for security. Yet nearly 60% of employees either weren\'t sure or disagreed. These findings inspired hundreds of questions from audiences across the world. What follows are some of the questions that repeatedly came up. Frequently asked questions What are the definitions of BEC and TOAD? Business email compromise (BEC) essentially means fraud perpetrated through email. It can take many forms, such as advance fee fraud, payroll redirection, fraudulent invoicing or even extortion. BEC typically involves a deception, such as the spoofing of a trusted third party\'s domain or the impersonation of an executive (or literally anyone the recipient trusts). BEC is hard to detect because it is generally pure social engineering. In other words, there is often no credential harvesting portal or malicious payload involved. Threat actors most often use benign conversation to engage the victim. Once the victim is hooked, attackers then convince that person to act in favor of them, such as wiring money to a specified account. Similarly, telephone-oriented attack delivery (TOAD) attacks also use benign conversations. But, in this case, a threat actor\'s goal is to motivate the victim to make a phone call. From there, they will walk their target through a set of steps, which usually involve tricking the victim into giving up their credentials or installing a piece of malware on their computer. TOAD attacks have been associated with high-profile malware families known to lead to ransomware, as well as with a wide variety of remote access tools like AnyDesk that provide the threat actors direct access to victims\' machines. The end goal might still be fraud; for example, there have been cases where payment was solicited for “IT services” or software (Norton LifeLock). But the key differentiator for TOAD, compared with BEC, is the pivot out of the email space to a phone call., is the pivot out of the email space to the phone. What is the difference between TOAD and vishing? TOAD often starts with an email and requires victims to call the fraudulent number within that email. Vishing, on the other hand, generally refers to fraudulent solicitation of personally identifiable information (PII) and may or may not involve email (it could result from a direct call). Some TOAD attempts may fall into this category, but most perpetrators focus on getting software installed on a victim\'s machine. How do you see artificial intelligence (AI) affecting phishing? What are security best practices to help defend against these novel phishing attacks? AI allows threat actors to tighten up grammatical and s |
| Envoyé | Oui |
| Condensat | 2023 2024 ability about accelerate access account accounts accounts across act action actions activities actor actors actually addition additional address advance advanced affecting against ago allow allows already also amount analytics analyze annual any anydesk anyone approach are artificial asked associated attack attackers attacks attempts attendees attitude attitudes audiences authentication authenticity average bec because been behavior behavioral behaviors behind being believe believed benefit benign best better between blog body brief browser business but bypass bypassed bypasses call came can capability case cases category centric chance chances change changing characteristics check cloud compared complete complexity compromise compromised computer concerned confirm constantly contact content continue controls conversation conversations convince could crafting create created credential credentials critical current cybersecurity damage deception deep deepfake deepfakes defend defenders defense definitions delivery details detect detected detection difference different differentiator direct directing disable disagreed discuss does doing domain download educate effectively efforts either email employees end engage engendered engineering entered essentially even event evilproxy examine example executive exhibits exists expect extortion fake fake: fall families faqs favor fee finally findings findings: first focus follow followed follows forefront form forms fraud fraud; fraudulent frequently from fundamentally generally generated generative getting give given giving goal good grammatical hand handling hard harvesting has hasn have help here high holistic hooked hosted how however human humans hundreds identifiable image impenetrable impersonation implementing important including including: incorporate increases increasingly indicators information inspired installed installing installment instructions intelligence interacting interaction investigations invoicing involve involved involves isn isolation itself javascript judgment juncture just keep key knew know known landing landscape language languages large launched layered lead learn least legitimate less lifelock like likeness limit literally llm logins lure lures machine machines make malicious malware manual many may meaning means media message messages mfa might million mind mistake mitigate mitigating models modern money monitoring month more more most motivate multifactor multilayered multiple natural nearly need next norton not nothing novel number often once one online only option options organization organizations oriented origin other others otherwise our 10th out over page paramount part party payload payment payments payroll people per perpetrated perpetrators person personal personally phish phishing phone piece pii pivot point portal post potential practice practices preferences present privacy problems process processes processing professional profile proofpoint pros protect protection provide provides pure puts questions questions ransomware real receive recipient redirection reduce refers regions registration reiterate related relationships reliable reliably remain remote repeatedly report reputation required requirements requires responsible restrict result rich rise risk risks risky robust running same security see seems sender sender sense sensitive series services” set settings shared should: similarly since site socgholish social software solicitation solicited solution solutions some someone somewhere sophisticated source sources space specific specified spoofing stack starts state stay steps stopped strategy submitted subsequent such sure surveyed suspicious suspicious syntax tactics take takeover takes target targeted technical technologies technology telephone template templates than that them themed then therefore these thing think third those threat threats through tighten time toad today too took tool tools toward translate transmitted tricking trusted trusts tuned two type types typically understanding un |
| Tags | Ransomware Malware Tool Threat Cloud Technical |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.