A new type of ransomware is coming for cloud email inboxes. While this particular strain was developed by white hat hackers and hasn't been seen in the wild yet, it's a wake-up call for those who use cloud-based email services like Gmail or Exchange. According to KnowBe4, this kind of ransomware relies on social engineering to deceive users into giving hackers access to their email account.
When it comes to phishing attacks, all it takes is one dirty hook set in one employee to snatch up your vital data.
According to NTT’s recent Threat Intelligence Report, 25% of insider threats are hostile with the remaining 75% due to accidental or negligent activity. In other words, you can do everything in your power to keep the bad guys out of your environment, but if one of your people with the keys to the kingdom leaves the door open, the hackers have the run of the roost.
No matter how strong your firewall, network infrastructure, or IT/security team, there is always one employee in every organization who will click on every link and attachment sent to them. Verizon’s cybersecurity report states an attacker distributing 10 phishing emails has a 90% chance of one user being hooked.
When Alcoa was breached in a phishing scam a couple years back, only 19 employees received the email sent by Chinese hackers impersonating CEO Carlos Ghosn. By impersonating an executive, the hackers only needed to convince one employee that the "meeting agenda" attached to the infected email was legitimate. Once that employee clicked the email, they had access to over 2,907 emails and 863 attachments containing critical company information and intellectual property. Considering the scope and frequency of cyberthreats in the Digital Age, all it takes is one employee to click on the wrong link; and there is one employee in every company.Training personnel on different types of social engineering attacks is one of the best forms of cybersecurity. Why hack a computer when you can trick a human? Below are seven types of phishing attacks and how to identify them.