I really liked this article. I have covered various highly involved cyber attacks over the last few months, deepfakes, hacking cars, air–gap attacks but as it describes in this article, you can use technology to steal those credentials or you can just ask nicely for them: Phishing works so well …
Who are the targets for phishing campaigns?
The threat actors will go after anyone who they can exploit, steal credentials from, or who has something the criminal wants! In this case it is workers for the forthcoming US elections. This one is targetting people in a privileged position: US election workers hit with phishing, malware emails • …
Continue reading “Who are the targets for phishing campaigns?”
Why do I write so much about Social Engineering and Phishing Attacks?
Because for the effort the threat actors put in, the returns can be very high, so it is worth their while sending out billions of malicious messages to see who they can catch. It could be you… Now in the age of online “as-s-service” software, it has become even easier …
Continue reading “Why do I write so much about Social Engineering and Phishing Attacks?”
The Deepfake threat
As computing power increases and the ability of cloud platforms and software to create realistic deepfake impersonations of people improves, so does the increased use of such techniques by threat actors – of course. Here are a couple of articles looking at the technology and the threat: Seeing is disbelieving: …
How a phishing attack works
Today there is an excellent illustration of how a phishing attack works on SANS Internet Storm. It is complete with the offer of something the victim wants and then simply steals the Microsoft credentials the victim supplies – all because of a well-crafted spam email. Credential Harvesting with Telegram API …
