In Russia, every fifth FakeBoss-style hacking attack, in which attackers pose as company executives, is successful, Maxim Akimov, head of cyber intelligence at SOC CyberART at Innostage, told socialbites.ca.
According to Innostage, the number of such attacks in Russia in the first half of 2024 increased by about 30% compared to the same period last year. Hackers contact company employees via instant messengers or e-mail, introducing themselves as the manager or owner of the company, and then, under various pretexts, seize confidential information or persuade a person to open a malicious file or link.
“The result of the victim’s naivety is the loss of access to their accounts, the computer is infected with viruses, using it as an entry point, and hackers penetrate the perimeter of the company’s IT infrastructure,” Akimov explained.
Cyber intelligence experts at Innostage have calculated that employee scams have a 20% chance of working: On average, one in five FakeBoss campaigns finds at least one employee who is ready to click on the links offered or provide information requested by the scammers.
Akimov noted that to protect against FakeBoss attacks, employees should be trained in the basic principles of cybersecurity, multi-factor authentication should be used, and activities on the internal computer network should be constantly monitored.
Previously AppearedHe said hackers began posing as government agencies to hack Russian companies.