Posted by Trevagh Stankard on Tue, Nov 29th, 2022
Every year, threats evolve to overcome the latest cybersecurity changes. Cybersecurity is a constant cat-and-mouse game where attackers change their threats to bypass the latest security infrastructure, so security people must change their strategies again to detect and stop a new line of threats. As 2022 is almost at its end, it’s important for security staff to take a look at changes in the current year so that they can adapt infrastructure to what will likely change in future years. Here are a few trends in 2022 that will likely shift the cybersecurity landscape in 2023.
Social Media Instead of Shipping Scams
Scammers and phishing email authors always impersonate people or well-known brands. For years, scammers pretended to be from shipping companies or send emails to users telling them that they won free products but must pay a shipping fee. Now, attackers changed the way they trick users into divulging their sensitive information by impersonating social media companies.
The biggest one targeted by attackers is LinkedIn. LinkedIn is a central source for a user’s entire career history and profile information. Using LinkedIn, an attacker can trick users into divulging their critical data including credentials.
Pandemic At-Home Workers Increased Phishing Campaign Activity
Security researchers saw a dramatic increase in phishing and other malware attacks during the COVID-19 pandemic. Much of the increase focused on at-home workers. At-home workers do not have the enterprise-level security infrastructure to detect threats and stop them. Attackers are always looking for ways to bypass security, and users working on their personal machines to connect to an enterprise network was the perfect opportunity to take advantage of poorer cybersecurity. The risk was increased when organizations were forced to rapidly deploy cloud infrastructure to accommodate at-home works and did not make cybersecurity a priority.
Phishing is Still the Most Common Threat
Numerous threats in the wild are available to attackers. Some threats are sophisticated and some are much more basic. Phishing campaigns are easy to create and relatively easy to deploy. Various types of phishing campaigns target high-privilege users or focus on generally tricking as many staff members as possible.
Although phishing is a simple strategy for attackers, it’s still extremely effective. Phishing emails are usually the start of a data breach. A user opens a phishing email, clicks the link, and either downloads malware or divulges sensitive information. From there, an attacker could access the internal network from stolen credentials, obtain remote control on the user’s local device, or use ransomware to hold important data hostage in exchange for a large sum of money.
Several different types of phishing are common, so just when users are able to identify a general phishing message, they might be vulnerable to other types of attacks. For example, a general phishing email might not address the targeted user by name, but a spear phishing email is much more targeted directly at the company and the email recipient. This direct personalized threat is from the potential weeks of research an attacker performs prior to sending the email.
Another more common type of phishing attack in 2022 is whaling. An attacker launching a whaling campaign also performs research but pretends to be an executive or high-powered user within the organization. Also called CEO fraud, the email convinces a targeted user to transfer money, pay fraudulent invoices, or divulge highly sensitive data. Even large enterprise organizations with the best security in the business such as Google and Facebook have lost millions to whale phishing. It’s an effective way for an attacker to steal large sums of money from a single enterprise.
Disguised Documents and Links
Tying in with phishing, attackers use ways to hide the true nature of attachments. The goal is to trick a user into running an executable that installs ransomware or malware. A link might look like it points to a legitimate site, but the link points to an attacker-controlled site built to look like a legitimate business.
Protecting the Enterprise from New Threats
Although attackers can continue to change their strategies, businesses reduce risk by installing email security on their infrastructure. Email filters block every malicious phishing strategy and its artificial intelligence stops new threats that emerge every year. Security awareness training is also helpful, but you still leave your critical data to a human factor. Humans make mistakes, so email filters add a security net to the environment to catch these errors.
Web content filtering and DNS filtering solutions, provide a layer of web security to prevent an employee from navigating to a malicious website. By stopping the employee from going to the spoof website the phishing cycle is broken. DNS filters do this by creating a ‘blocklist’ of URLs. If an employee tries to navigate to a blocked IP address, the DNS filter stops the action.
Web content security is another layer of protection against phishing that can be delivered using cloud-based platforms. This makes delivery by an MSP easy to deploy, cost-effective, and can be centrally managed.
Protect your organization from phishing threats. See how WebTitan DNS Filter works to protect your business from phishing attempts. Book a free demo today.
Book Free Demo