Credential phishing, the top attack vector

Cyber security Hacking Technology

Researchers have observed a 44 per cent increase in malware as compared to 2021.

Credential phishing remains the top path that a hacker takes to exploit cyber security vulnerabilities in the email security landscape with a 478 per cent increase in malicious emails identified, a recent report shows.

In the annual report from Cofense, a global email security company, a 44 per cent increase in malware was also observed as compared to 2021.

They combined a global network of more than 35 million people with artificial intelligence and machine learning, and the analysis found a significant number of phishing emails that bypasses the Secure Email Gateways (SEGs), an email security solution to inspect emails for malicious content.

Ananya Jyothish, a medicine student said that she usually receives a lot of phishing emails and spam messages. But most of the time she avoids opening them as they might lead to scammers and cybercriminals.

The Mint reported that around 83 percent of Indian organisations found that the number of phishing emails targeting their employees increased after the pandemic.

Anil Rachamalla, Chief Executive Officer and Founder of End Now Foundation, a non-profit organisation advocating for better internet ethics and digital well-being said that links have to be verified before clicking on it even though it feels like it is from a legitimate source.

“If you get a short link, expand the uniform resource locators (URLs) and check its source. Also, check your mail and ensure that they are not spammed and check if there are any leakages that were already happened,” he added.

The report also shows that credential phishing, a type of cyber attack in which hackers attempt to steal user credentials by posing as a known or trusted entity, plays a significant role in the ransomware attack chain, as well in Business Email Compromise (BEC), a type of phishing attack that targets organizations, with the goal of stealing money or critical information.. It is reported that BEC has resulted in over $400 billion stolen from victims globally.             

Tonia Dudley, Vice President and Chief Information Security Officer at Cofense said in a blog, “As threats increase in frequency, intensity and sophistication, the need for rapid and actionable intelligence has never been greater.”

Anil added that it should be ensured that we always enable two-factor authentication with emails and social media platforms.

Tagged