Prepare Your Team to Identify New Phishing Attack Techniques

Phishing hooks grabbing user information

Phishing attacks began decades ago as simple spam, designed to trick recipients into visiting sites and becoming customers, and has since morphed into a worldwide criminal industry. Centered on social engineering — manipulation through deception — phishing has become not only the most used initial attack vector in data breaches today[1], but also the No. 1 internet crime by victim count.[2] An overwhelming majority of organizations (88 percent) cite having experienced phishing attacks.[3]

What to Expect with New Phishing Attacks

Despite the volume of discussion surrounding phishing attacks, much of the information that circulates becomes out of date quickly. Cybercriminals are continually inventing new strategies to penetrate organizational defenses and gain victims’ trust. As if it is not already challenging enough for security teams to keep up with the latest phishing techniques, they also need to ensure their users — who are often the victim of phishing emails, are educated on how to spot an email-borne threat.

Download Now: Phishing Awareness Posters

The Top 5 Types of Information Stolen in a Phishing Attack

Hackers are increasingly relying on credentials they’ve stolen via phishing attacks to access sensitive systems and data. That’s one reason why breaches involving malware have decreased by over 40 percent.[4]

The top five “types” of data compromised in a phishing attack are4:

  1. Credentials (passwords, usernames, pin numbers)
  2. Personal data (name, address, email address)
  3. Internal data (sales projections, product roadmaps)
  4. Medical (treatment information, insurance claims)
  5. Bank (account numbers, credit card information)
Example of social engineering phishing attempt
Figure 1. Example of social engineering phishing attempt

How to Detect New Phishing Techniques

In an attempt to stay in front of new phishing attack techniques, LogRhythm’s cybersecurity experts are informed on the latest trends. They then curate the most important information into digestible pieces of content — no matter your preferred format.

Trending Phishing Techniques and Tips for Detection

Our cybersecurity consultants have put together both a video and a white paper on 4 Trending Phishing Techniques and Tips for Detection. In it, they take an in-depth look at the new face of phishing, including the discussion of some of the newest and most effective phishing techniques being leveraged by cybercriminals today.

Both of these resources outline how forward-thinking organizations can stop cyber criminals in their tracks. They include discussion around the new phenomena of malware-less emails and CEO-impersonation fraud, and are full of expert advice on the critical information every organization needs to remain safe from these types of attacks and more.

In addition to exploring some of the most important manipulation techniques, the authors examine the importance of hardening the human attack surface: namely, making sure that employees are equipped with all the information they need to detect a phishing attack at speed. By taking advantage of the right digital security tools and educating users on how phishing attack content differs from that of legitimate emails, organizations can stop most attacks dead in their tracks.

Read the full paper to learn how to detect new phishing attacks techniques and gather details around the attack, so your team will become more resilient to future and evolving attacks.

 

[1] Data Breach Investigations Report, Verizon, 2019

[2] Internet Crime Report, FBI, 2020

[3] State of the Phish Report, Proofpoint, 2020

[4] 2020 Data Breach Investigations Report, Verizon, 2020