Social engineering attacks still rising, as hackers become cagey
A new report says social engineering attacks are on the rise, with hackers using more spoofed phishing and HTTPS encryption in URL-based attacks.
In both cases, malicious actors are taking advantage of the perception that HTTPS is a safer option to use on the Internet. HTTPS attacks, however, rose 26 percent in the first quarter, says the report from data security company FireEye.
The attacks work on all industries, including healthcare, and often focus on deceiving the CEO or another senior leader.
In the first quarter of 2019, phishing attacks rose 17 percent compared with the prior quarter, as hackers continue to focus on harvesting credentials or credit card numbers. Microsoft alone accounted for about 30 percent of all phishing detections.
In cloud-based social engineering attacks, file sharing services were exploited to deliver malicious files to users of WeTransfer, Google Drive, OneDrive and Dropbox. Of these, Dropbox was the most vulnerable to file sharing threats.
FireEye cautions that there are new impersonation variants focusing on payroll and supply chains. The payroll variant targets the payroll department with an email requesting changes to an executive’s personal data, such as bank details, so the executive’s salary can be diverted to a third-party account.
The supply chain variant targets the accounts payable department with an email impersonating a trusted supplier, likewise re-routing a fraudulent payment to a third-party account.
“Threat actors are doing their homework,” says Ken Bagnell, vice president of email security at FireEye. “The danger is these new targets may not be prepared or have the knowledge to identify an attack. Once the fraudulent activity is discovered, the targeted organization thinks they have paid a legitimate invoice when the transaction was actually made to an attacker’s account.”