One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8503291 |
| Date de publication | 2024-05-20 10:00:00 (vue: 2024-05-20 10:07:07) |
| Titre | Disséquant une attaque de phishing à plusieurs étapes. Dissecting a Multi-stage Phishing Attack. |
| Texte | Phishing is one of the most common forms of cyber attack that organizations face nowadays. A 2024 risk report states that 94% of organizations fall victim to phishing attacks, and 96% are negatively impacted by them. However, phishing attacks are not only growing in number but are also more sophisticated and successful. This is owing to the modern multi-stage phishing attack, which is common nowadays. The multi-stage phishing attack is a sophisticated and multifaceted technique that increases the likelihood of success of an attack. While these attacks are becoming increasingly common, there needs to be more awareness of them. Therefore, to find relevant measures for mitigating these attacks, organizations must gain crucial insights regarding these multifaceted threats covered in this blog. What is a Multi-stage Phishing Attack? As its name suggests, a multi-stage phishing attack is a complex form of traditional phishing. In a multi-stage setup, a phishing attack relies on more deceptive strategies and phases rather than solely relying on one deceptive email, unlike in a traditional phishing attack. All the phases within the multi-stage phishing attack are designed to build trust and gather relative information about the target over time. Since this approach works discreetly on a multi-phased setup, it allows threat actors to bypass advanced security measures such as residential proxies and phishing detection tools. Multi-stage phishing attacks are a common occurrence in the modern cyber threat landscape. Attackers use this sophisticated layered tactic to deploy targeted ransomware or while conducting successful business email compromise (BEC) attacks. Dissecting a multi-stage phishing attack A multi-stage phishing attack is a sophisticated strategy that relies on a sequence of carefully designed steps. These steps help increase the probability of a successful phishing attack by evading advanced security and detection techniques. A typical multi-stage approach to the attack consists of the following phases: Initial Contact Like any traditional attack, the multi-stage attack starts with the threat actor initiating contact with the target through seemingly innocuous means. These include social media messages, phishing emails, or even physical methods such as USB drops. Establishing Trust After establishing contact with the target, the threat actor builds trust. This often involves impersonating legitimate entities or using communication channels familiar to the target, making it easy for them to fall victim and trust the threat actor. Introducing Complexities As the attack progresses, the threat actor introduces complexities such as using CAPTCHAs, QR Codes, and steganography to create further layers of deception, guaranteeing the attack\'s success. Exploitation The final stage of the attack involves exploiting the target. At this stage, the threat actor could either deploy malware, extract sensitive information, or perform any other malicious activity that might have been the goal of the whole attack. This multi-layered nature of a phishing attack makes it hard to detect through traditional security tools like residential proxies and phishing detection tools. Therefore, it ultimately makes the attack successful. How QR Codes, Captchas, and Steganography Are Used in Layered Phishing Attacks. In a multi-stage phishing attack, QR Codes, steganography, and CAPTCHAs are used to overcome security barriers and increase the attack\'s efficiency. Here is how each of these elements is used to ensure the attack is successful: QR Codes Quick Response or QR codes have become ubiquitous in various applications since they a |
| Envoyé | Oui |
| Condensat | captchas 2024 about abuse access account achieve across activities activity actor actors add additionally advanced after against aims all allow allowing allows already also alternations anonymous any apart appears applications approach are arrive attack attacker attackers attacks attempts audio audit automated avoid aware awareness barriers based bec become becoming been believing best between bigger blog bot bots brute build builds business but bypass bypassing campaigns can captcha captchas carefully caution channels clicking codes common commonly communication complex complexities complicate compromise computers concealing conducting consists constantly contact contactless content continues could covered covertly create created credential crowdsourcing crucial cursor cyber damage dangerous data dealing deception deceptive decipher defence deploy designed detect detection dire discreetly dissecting distinguish documents drops each easy efficiency efficient efficiently efforts either elements email emails embed embedded embedding employee employees enable engineering ensure entirely entities especially essential establishing etc evade evading even every evolve evolving exercise existence experience exploit exploitation exploiting extract extreme face fake fall false familiar files final find following foolproof force forewarned form forms from further gain gaming gather genuine given giving goal growing guarantee guaranteeing handled hands hard harmful harmless harvesting have help helping here hide hovering how however humans identify image images immediately impacted imperceptible impersonating incident include increase increases increasingly information initial initiating innocuous insights instil interacting introduce introduces introducing involves its landscape latest layered layers learn learning legitimate like likelihood linking locations longstanding looking made main makes making malicious malware may means measures media message messages method methods might mitigating modern modules monitor more moreover most multi multifaceted multiple must name nature necessary need needs negatively network not now nowadays number objects occurrence often one online only organisation organisations organizations other over overcome owing payments perform personal phased phases phases: phishing physical plan platform play poses practise prepared privacy probability probably problem professionals progresses protect protection provide proxies public quick quickly quishing ransomware rather react reality reasonable recognize redirect regarding regularly relative relevant relies relying remain report residential response rise risk robust role safe scanning science scripts security security: seemingly senders sense sensitive sequence services setup several share significant since sites sneaky social software solely sophisticated sources spread stage started starts states stay stealthy steganography steps storage strategies strategy success successful successful: such suggests suspicious system tactic target targeted technique techniques technology tell tests text than them therefore these thoroughly threat threats through time tools towards traditional traffic training trends trick trust turing types typical ubiquitous ultimate ultimately unable unauthorised unknown unlike unsolicited url urls usb use used useless user users uses using various verify version very victim vigilance wary way web websites what when which whole widespread will within words works |
| Tags | Ransomware Malware Tool Threat |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.