6. Hiding in Legitimate Apps
File-hosting and sharing websites, such as Dropbox or Google Docs, are among the newest attack vectors that Eric Brown, senior security analyst at LogRhythm, says he has seen.
"The websites as a whole are legitimate, but attackers are starting to use them as avenues for hosting specific attacks," he says. "For example, an attacker will upload a file that includes a malicious URL that is difficult for the service to identify or block. Then the targeted recipients receive emails via the service's notification system, with links to the unsafe or malicious hosted file."
This kind of attack is stealthy because it is harder for an employee to recognize than a standard phishing email, Brown says. The notification email comes from a genuine service and email address, and the link to the hosted file is legitimate as well – it points to the website the employee actually uses. Only once the employee opens the document is he exposed to the malicious content planted inside it.
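The pattern Brown describes is that the notification link itself is clean; the risk sits in the URLs inside the shared file. The following is an added triage example written for this page (not code from the article or from LogRhythm) that extracts the links from a shared document's text and flags any that lead away from the sharing service or the organization's own domains, including lookalike hosts that merely begin with a trusted name, raw IP addresses, and URLs carrying embedded credentials. The trusted-service list, the allowlisted domain `corp.example`, and the sample notification and document text are all constructed assumptions.

```python
import re
from urllib.parse import urlparse

# File-sharing services the organization actually uses (assumption; tune per environment).
TRUSTED_SERVICE_DOMAINS = {"dropbox.com", "docs.google.com", "drive.google.com"}
# Domains the organization owns (constructed placeholder).
ALLOWLIST = {"corp.example"}

URL_RE = re.compile(r'https?://[^\s<>"\'()\[\]]+', re.IGNORECASE)
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def extract_urls(text):
    """Return the http(s) URLs in free text, with trailing sentence punctuation trimmed."""
    return [u.rstrip(".,;:") for u in URL_RE.findall(text)]


def host_under(host, domain):
    """True if host equals domain or is a subdomain of it (match on a label boundary)."""
    return host == domain or host.endswith("." + domain)


def classify_url(url):
    """Label a URL: service, allowlisted, credentials, ip_literal, lookalike or external."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if parsed.username is not None:
        # "https://trusted.com@other.example/" renders as trusted but resolves elsewhere
        return "credentials"
    if IPV4_RE.match(host):
        return "ip_literal"
    if any(host_under(host, d) for d in TRUSTED_SERVICE_DOMAINS):
        return "service"
    if any(host_under(host, d) for d in ALLOWLIST):
        return "allowlisted"
    # A trusted name used as a leading label of some unrelated domain
    if any(host.startswith(d + ".") or ("." + d + ".") in host for d in TRUSTED_SERVICE_DOMAINS):
        return "lookalike"
    return "external"


def triage_shared_document(notification_link, document_text):
    """Check the notification link and every link inside the shared document."""
    link_class = classify_url(notification_link)
    findings = [(u, classify_url(u)) for u in extract_urls(document_text)]
    flagged = [(u, c) for u, c in findings if c not in ("service", "allowlisted")]
    if link_class != "service":
        verdict = "review: notification link is not on a trusted sharing service"
    elif flagged:
        verdict = "review: shared document contains links that leave trusted domains"
    else:
        verdict = "ok: no links outside trusted domains"
    return {"notification_link": link_class, "findings": findings,
            "flagged": flagged, "verdict": verdict}


# Constructed sample: a clean-looking share notification and the document it points to.
SAMPLE_NOTIFICATION_LINK = "https://www.dropbox.com/s/constructed123/Q3-Invoice.pdf"
SAMPLE_DOCUMENT_TEXT = """Please review the attached invoice.
Updated copy: https://www.dropbox.com/s/constructed123/Q3-Invoice.pdf
To confirm payment, sign in here: https://www.dropbox.com.login-verify.example/reset.
Support portal: https://corp.example/help
"""

if __name__ == "__main__":
    result = triage_shared_document(SAMPLE_NOTIFICATION_LINK, SAMPLE_DOCUMENT_TEXT)
    print(result["verdict"])
    for url, label in result["findings"]:
        print(f"  {label:12} {url}")
```

On the constructed sample the notification link classifies as `service`, the in-document link to `www.dropbox.com.login-verify.example` is flagged as a lookalike, and the verdict asks for review. In practice the document text would come from the fetched share (or a sandboxed render of it), and the labels would feed a mail-gateway or SOAR rule rather than a print statement.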
7. Industry-Specific Hooks
Ranjeet Vidwans, co-founder of Clearedin, says his team is noting a risk in phishing within the real-estate industry.
"It's an industry where there are several third parties – insurers, agents, banks – that may be unfamiliar to the buyer," he says. "Sensitive information is often sent via email."
Vidwans predicts there will be more BEC-style phishing attacks, too.
"BEC attacks would mean a bad actor posing as, say, a closing agent, emailing their assistant to please shoot over some quick SSNs so that they can file this paperwork, and people will do it without thinking twice," he says.
8. New Topical Lures
Vidwans also notes that the age-old tactic of using what is hot or topical is new again, but the hook is different. For example, the possibility of a recession is now a ripe topic for phishers when looking for ways to lure victims.
"We expect to see damage from phishing activity rise significantly once the recession hits in full," he says. "There are a few reasons for that. Layoffs mean you have less staff doing the same work. So employees are moving at a fast pace and are less likely to catch suspicious spear-phishing attempts. Another reason is you have more phishers out there, looking to make money in an ailing economy. You also have more job search activity, and in a bad economy people are much more open to opportunities than they otherwise may be."