New tricks to deliver phishing attacks
Hackers are constantly on guard, and these threat actors are evolving their attacks making themselves more potent over time. Starting 2023, phishing is still as large a concern as ever. Cybersecurity is experiencing a fierce conflict between hackers and security experts as a result of the exponential growth in technology.
Cyber criminals are trying new methods to help ensure phishing attacks are successful. The phishing emails infect victims with malware -- and they're doing so by experimenting with a new method of delivering the malicious payload. India has become one of the most frequently targeted countries for ransomware attacks this year.
As per the report from Proofpoint, there's been a rise in cyber attackers attempting to deliver malware using OneNote documents, a digital notebook signified by .oneextensions that is part of the Microsoft 365 office applications suite.
The question is why is phishing so favourite among black hats?
Because it plays as what has been often described as cybersecurity’s “weakest link”. The 2022 DBIR revealed, 82% of breaches involved the human element, and that largely means employees being duped into clicking on malicious links and diving into fraudulent sites.
why it’s important that all companies know how to spot some of the most common phishing scams if they are to protect their corporate information. It’s also crucial that their employees are familiar with some of the most common types of techniques that malicious actors use to pull off these scams.
After all, they are the ones on the front line. However, it’s unfair to put all the blame on humans as weak security measures account for much of the exploits that slip through. A person can’t click on what’s not there, so email security platforms, digital risk protection, and anti-phishing solutions are a key element. However, you can’t defend against what you don’t understand.
Researchers warn that it's likely these campaigns have a high rate of success if the emails aren't blocked -- and that more cyber-threat groups are likely to adopt this technique to successfully deliver phishing and malware campaigns.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.