Phishing with a twist: Cybercriminals are upping the con game with innovation

Some tips on how to avoid the phishing trap

Identity deception is on the rise, with 39.6 million detected threats between May 2022 and May 2023, says a report. Attackers primarily impersonate the brands and entities we trust and rely on. In the majority (60.1%) of cases, attackers pose as one of just 25 organizations, including Microsoft, Google, Salesforce and Amazon.

In August, last year, Microsoft researchers told Reuters that a Russian government-linked hacking group had targeted dozens of global organizations with the goal of stealing login credentials by engaging users in Microsoft Teams chats pretending to be from technical support.

Read more: 2023 cybercriminals added variety & speed to attack vectors

In July, a Palo Alto Networks blog post revealed findings from its investigation into Cloaked Ursa, Russia’s Foreign Intelligence Service Hackers. The post discusses two cases that show how emboldened attackers are, one where a fake flyer was used to dupe diplomats in Ukraine, and another where the group likely used the Turkish Government’s guidelines on the recent earthquake as a phishing lure. 

Anil Valluri, MD and VP, India and SAARC, Palo Alto Networks, said, “These activities are evidence that malicious groups will look to benefit from adverse political events and natural disasters while exploiting people’s innate desire to help. By targeting persons of interest and those within embassies, state-sponsored attackers gain access to sensitive and critical data.

These activities are evidence that malicious groups will look to benefit from adverse political events and natural disasters while exploiting people’s innate desire to help. By targeting persons of interest and those within embassies, state-sponsored attackers gain access to sensitive and critical data

Anil Valluri, MD and VP, India and SAARC, Palo Alto Networks

“Having robust endpoint security is essential since these threats make their way on to the network via insecure end-user devices. Active attack surface management ensures complete visibility of assets and risks across endpoints, networks, and clouds. Organisations must adopt a Zero Trust approach which creates multiple layers of security to slow down attackers while lowering the risk of lateral movement between networks.” 

According to a Cloudflare report, attackers use links as the number one deception tactic, comprising 35.6% of threats, and they’re getting more creative about how they get you to click on bad links. Email authentication doesn’t stop attackers from succeeding. The majority (89%) of unwanted messages passed email authentication methods.

Tips to Avoid Phishing

Cloudflare advices the following to avoid falling into the phishing trap.

Double check the source. Be sure to carefully check email addresses (sometimes they can be misspelled or off by a letter when someone is trying to pose as one of your contacts). If you’re traveling, this could look like an itinerary update from an airline or a travel agency.

Beware the link. Malicious links are the #1 threat category, comprising 35.6% of detected threats. Without clicking on a link, look at the URL. Oftentimes, exploiters will create bad links that look mostly like real ones – save for minor differences. If you can spot even the tiniest difference, it’s safe to say it’s a phishing email.

Question the sender. Identity deception threats are on the rise — increasing year-over-year from 10.3% to 14.2% (39.6 million) of total detections. If you get a bizarre email from someone claiming to be your manager at your new job, or a friend with a new email, you’re right to question it.

Read more: Experts predict India in for cybersecurity woes in 2024

Don’t put blind trust in familiar brands. Downtime or planning upcoming travel might mean more time spent online. If your bank emails you asking for personal information, don’t assume it’s real. Between 2022 and 2023, Cloudflare saw attackers pose as more than 1,000 different organizations in over 1 billion brand impersonation attempts (and most of the time, these are well-known brands like Mastercard, Visa and Bank of America). Just because it claims to be from a source you know, doesn’t mean it’s legitimate.

When in doubt, call the vendor it claims to be from. If something feels off, trust your gut and call the vendor to verify its legitimacy.