Positive Technologies: government agencies and the defense industry are favorite targets of phishing attacks
Dubai, UAE: 20/02/2024 - Positive Technologies experts analyzed phishing attacks against organizations in 2022–2023. Most often, in phishing messages, criminals pose as contractors. The phishing-as-a-service model has become common practice. Experts predict an increase in the role of AI in both conducting and preventing phishing attacks.
The main objectives of phishing attacks are data theft (85%) and financial gain (26%). One of the channels where criminals can sell the stolen sensitive information is the dark web, where the demand for personal data and credentials of companies' employees and clients is traditionally high. Information can also be stolen for the purpose of spying on an organization or country.
A particular focus of the research is on hacktivists who have become especially active in the midst of the current geopolitical situation. Their main objective is to harm a victim by any means possible, as was the case with the attack on Iran's petrol stations last December, allegedly carried out by an Israeli APT group.
Phishing-as-a-service has become commonplace, a trend our experts forecasted several years ago. Today, phishing-as-a-service is used by professional APT groups, savvy independent attackers, and even newcomers without any special knowledge or skills. Positive Technologies analyzed messaging apps and forums on the dark web where social engineering was mentioned. The analysis showed that the most popular requests and offers were related to ready-made phishing projects, tools for conducting phishing attacks, and the development of phishing web pages.
The majority of phishing attacks are carried out through email (92%), but criminals can adapt to the particularities of the target company and use messaging apps (8%) and SMSs (3%) to deliver their malicious messages. A common attack scenario involves impersonating a company executive or employee through various communication channels. To create a fake profile for sending malicious messages, an attacker only needs to have the name and photo of the target organization's executive or employee.
'Phishing is mainly evolving through the automation of attacks with the help of AI tools,' says Alexey Lukatsky, Information Security Business Consultant at Positive Technologies. The AI tools are becoming increasingly popular and are used both by cybersecurity experts to counter cyberthreats and by criminals to prepare and execute phishing attacks. Cybercriminals use AI to maintain engaging and relevant dialogues with their targets, generate convincing phishing messages, and create deepfakes of voices, images, and videos.'
More than half of the phishing attacks examined in this study were targeted at a specific organization, industry, or country. Most often, attackers target government agencies (44% of incidents with industry-specific targeting) and military enterprises (19%). Rounding out the top three primary targets of phishing attacks are organizations in the field of science and education (14%).
According to the research, criminals most often pose as contractors (26% of attacks). 'They send fake reconciliation statements, invoices, contract renewal documents, and other data related to interactions between contractors,' comments Ekaterina Kosolapova, Information Security Analyst at Positive Technologies. This tactic is widespread because it is applicable to almost all organizations and legitimates the presence of links or attachments in the message. In 58% of attacks, such lures were sent without reference to a specific industry. However, this method is used more than any other in targeted attacks on medical, financial, industrial, and telecommunication organizations.'
To prevent, detect, and respond to phishing attacks, experts suggest that companies educate their employees on cybersecurity and conduct phishing simulations. We also recommend using reputation mechanisms based on security solutions like SWG (Secure Web Gateway), NGFW (Next Generation Firewall), and SASE (Secure Access Service Edge), as well as EDR (Endpoint Detection & Response) solutions and sandboxes for mail traffic and protection against phishing, built into popular browsers or implemented through additional plugins. Basic cyberhygiene on personal computers and mobile devices should not be neglected either, such as regularly updating software and granting minimal privileges to applications
Home >> Technology Section
The Glamorous Nora Fatehi to Bring Her Signature Glamour and Power Moves the To ...
Emirates commits support to Asia Rugby to broaden reach and appeal of sport in 3 ...
September startup spotlight: Five success stories from MBZUAI researchers, stude ...
Elevate Your Hair Game with the Shark® FlexStyle – The Ultimate Styling Tool in ...
Hotpack Global to offer 100 job placements to amnesty seekers
Turkish Airlines Secures First Sustainability-Linked Loan for Two Airbus A321NEO ...
Mohammed Bin Rashid Library Celebrates the Legacy of Ali Sultan bin Bakhit Al-A ...
A Royal Tribute: Amouage's Gift of Kings Collection
DPL cricket tournament season 4 is all set to kick off in October
Dubai Health Authority Launches Professional Diploma in Emergency and Crisis Hea ...
Salon du Chocolat et de la Pâtisserie Dubai Opens for its Third Edition
Emirates celebrates Oktoberfest onboard and in lounges
Mazagan Beach & Golf Resort Launches the “Sun-kissed Getaway” Offer
Emirates unveils its new lounge in London Stansted Airport
MoHAP explores avenues of boosting health collaboration with Serbia
Idea on Smart Water Conservation Solution Wins Inaugural Edition of TCS Sustaina ...
Megastar Chiranjeevi To Receive The Prestigious Iifa Utsavam Special Honour For ...
Dubai-based Toastmasters District 127 emerges No.1 globally
Ru'ya, Careers UAE 2024: Bringing young Emirati talent to a new look lineup of e ...
EDGE Entity LAHAB to Supply Ammunition for National Shooting Championship