Five emails that are dangerous to open

The ubiquitous phishing

Russians open about 30% of phishing emails they receive via email. This was reported to socialbites.ca at the local information security company Antiphishing. Experts came to this conclusion after performing 40,000 simulated phishing attacks and analyzing the behavior of more than 20,000 employees from 37 companies.

Many times – in 59% of cases – employees opened emails containing an infected link. Emails with malicious attachments accounted for 32% of openings, while phishing emails sent to an employee’s account on social networks or instant messengers accounted for 9%.

The company’s experts also gave the five most popular examples of these malicious mails, which are most often “pecked” by company employees.

Business offer

Hackers send letters to employees with an offer of a partnership from another firm, supposedly in the same industry.

For persuasiveness, the text of the letter is written in the style of business correspondence and contains references to real projects related to the activities of the attacked company.

An email attachment, such as an archive, contains a file that, when clicked, launches a malicious program. As a result, the attackers gained access to the victim’s corporate networks to further steal confidential data.

A maneuver for scientists

Attackers can also pretend to be employees of well-known universities.

They sent emails to selected victims, such as scientists and journalists, with a personalized link to a phishing registration form for a popular university’s online conference.

The goal is to steal the victims’ authorization information from Google, Microsoft, Facebook (the owner of Meta is considered an extremist organization) and Yahoo. The attackers also offer to discuss the invitation over the phone for the sake of the believability of the message.

Specifically, in the 2021 campaign, where hackers posed as employees of the London School of Oriental and African Studies (SOAS), a phishing registration form was posted on a legitimate but compromised SOAS radio site. In other words, the attackers first hacked the site, then placed a malicious registration form on the site, and then started attracting victims to this site.

As a result, scammers obtain email account details from the victim’s email in order to gather political intelligence and organize phishing emails from that address.

Advertising offer

Attackers also send messages containing a false commercial request, for example, to provide industrial services. As an “attachment,” a PDF file is sent to the recipient, ostensibly containing a guide, but instead of a file, the email contains an image with a link to a malicious program.

When you click on it, a spy Trojan is installed on the victim’s computer that can steal passwords and other data. As a result, attackers can compromise accounts for the purpose of further selling.

Electronic signature service

In this case, the victim is asked to sign the document using an electronic signature service such as DocuSign. Scammers send messages to the victim on behalf of the company, asking them to sign a document attached to the letter.

When he clicks on the link, the victim first sees a page that supposedly checks if the user has gone to a phishing site. After that, the user is redirected to the last page that asks you to enter credentials from their Microsoft account.

fake tech support

In a 2021 campaign, scammers posed as representatives of computer services company Geek Squad.

The victim received a fake subscription invoice via email. To cancel the payment, it was suggested to contact the company’s “technical support” at the phone number indicated in the letter.

In the case of a call, during the call, the operator asked the victim to go to the fake website of the company, and then download a program for remote access to the computer. After installation, the victim was asked to tell the scammers the password, thereby transferring control over the computer.

Who is the hacker’s main target?

According to Anti-Phishing data, employees of IT departments were most vulnerable to phishing (performing 75% of unsafe actions), while programmers were the least resistant to phishing. At the same time, in 100% of cases, the attack is successful due to the wrong actions of employees, for example, clicking on a suspicious link or entering their data on an unknown site.

Targeted attacks target a specific victim or organization. Therefore, such letters often use information that is easy for the victim to believe. When performing targeted attacks, attackers can know the victim’s work environment, what programs and utilities they are using. All this helps to give credibility to the information in a phishing email and reduce recipient alertness,” explains Roman Dedenok, spam analysis specialist at Kaspersky Lab.

Pavel Kovalenko, director of the anti-fraud center in Informzashchita, is sure that people often have a fundamental problem of infrastructure security.

“It doesn’t matter how old they are and whether they have a degree from a prestigious university. Indeed, as practice shows, even young and educated employees of companies often forget about social engineering techniques and fall into the trap of intruders,” explained the expert.

According to him, cybercriminals are manipulating our emotions professionally and trying to disrupt the thought process.

“For example, when scammers call or email, they always want us to take action right away.

People panic because they fear losing access to their money, and so they usually do what is expected of them. Also, scammers often resort to a wrong choice situation when a person is asked to transfer money immediately and threatens to sue him and deprive him of his property if he does not obey.

In this case, the victim is given the illusion that they can only choose one of these two options,” said Kovalenko.

In order not to become a victim of intruders, experts advise to carefully examine each message that enters your mailbox, do not open attachments and follow the links in the letter.

There are five types of scam emails that users should not open for security reasons. Due to such “traps”, the interlocutor not only loses his confidential data, but also becomes a victim of blackmail. Information security company Antiphishing told socialbites.ca how often Russians opened phishing emails in 2021 and what the most effective emails contain.



Source: Gazeta

Popular

More from author

Germany announced that it is ready to guarantee the security of Gaza 03:20

Germany could become the guarantor of the security of the Gaza Strip once the conflict between the Palestinian territory and Israel ends. This...

The number of foreign agents in Russia increased 3.5 times in three years 03:53

The number of foreign agents in Russia has more than tripled in three years, reaching 579 natural and legal persons, as well as media...

“The governor could not play all the roles.” Interview with director Andrey Bogatyrev about “Umalta Gold” Director Bogatyrev: Governor Degtyarev did not star...

— Tell us about your new movie “The Gold of Umalta”: How did this project come to you? How did the idea of...

Scientists found a way to clean the toxic alkaloid in barley 03:17

German scientists from the Leibniz University of Hannover have found a key gene responsible for the production of the toxic alkaloid gramine in barley,...