What You Need to Know About Phishing

Research found that more than 255 million phishing attacks occurred in 2022, that’s a 61% increase compared to 2021! Some of the most notable phishing attacks last year hit Twilio and MailChimp, who fell victim to another phishing attack in January this year. It is not just large organizations who are targeted, phishing can happen to any organization, regardless of size or industry. But what is phishing and how can organizations defend against it?

What is Phishing?

The Cybersecurity and Infrastructure Security Agency (CISA) defines phishing as a form of social engineering in which a cyber threat actor poses as a trustworthy colleague or acquaintance of organization to lure a victim into providing sensitive information or network access.

The attack can come in many different forms including email, text message, instant message, or any other form of communication.

Phishing emails can hit an organization of any size or type. Some might get caught up in a mass phishing campaign (where the attacker is just looking to collect some new passwords or make some easy money) or it could be the first step in a targeted attack against an organization.

If an attack is successful, threat actors can gain access to networks or accounts which can result in data breaches, data loss, identity fraud, malware infection or ransomware.

How do these attacks work?

• Cybercriminals will pose as a colleague, acquaintance, or reputable organization to solicit sensitive information, steal log in credentials or inject malware through a disguised link.
• Threat actors may often send these phishing communications to many in one single organization to increase their chance of success – one click or one response can lead to the success of an attack.
• If successful, attackers then use sensitive information for exploitation, user credentials to delve further into networks, and if malware was downloaded during the attempt, compromise an endpoint which could open the door to the entire organization’s network and files.

How can you defend against these attacks?

A multi-layered approach is often the most successful, mixing both technology and education. Ensuring that there are sufficient defenses in place to stop these communications getting through, and if they do, a barrier in place to stop the attack if someone engages. Technologies such as Anti Data Exfiltration (ADX) ensure that no unauthorized data leaves devices or networks, blocking these attempts before they start.

Educating employees is a vital part of protecting against phishing attacks. Topics such as: what to look for, what to do with a suspected phishing communication and who to report to if you have accidently engaged with a suspicious email/communication, can help build knowledge and prevent these attacks from becoming successful.

How BlackFog can help

This video shows how a phishing attack actually works, demonstrating it from both the attackers and the victim’s view.

As you will see, without BlackFog, once the suspect link is clicked and log in credentials are entered on what looks like a legitimate webpage, the attacker has everything they need, and the attack has been successful. All of this is done quickly, and the victim has no knowledge of what has just occurred.

With BlackFog, although the target clicks on the link, the attack cannot be successful as the page where credentials would be entered has been automatically blocked. The target is notified of the blocked activity and the attacker does not get the information he wants, forcing him to eventually move on to the next victim.

BlackFog’s anti data exfiltration (ADX) technology automatically blocks all types of cyberthreats and ensures that no unauthorized data leaves an organizations’ devices or networks. The 24/7 protection is on-device, meaning that no matter where employees are working, as long as they have an internet connection, they are 100% protected.

With the increase in phishing and the ever-changing cyberthreat landscape – which is evolving and becoming more dangerous due to programs like Chat GPT, it is now more important than ever for organizations to take the threat of cyberattacks seriously. Adding third generation cybersecurity solutions that prevent data exfiltration will help ensure they do not become the next cyberattack victim.