Phishing Trends to Look Out For in 2012

Phishing attacks that targeted at consumers on the Internet remained at a high in 2011. A recent new report shows that attackers increasingly are going after consumers with highly refined Phishing attacks based on social networks. With the CSM (Cloud, Social and Mobile) phenomenon becoming more prevalent in the enterprise, it is believed in 2012 the Phishing attacks may get more sophisticated as new technologies will be adopted.

Social engineering tactics include fooling people with rogue security software that pose as legitimate protection products, impersonating friends to steal passwords to online gaming accounts, conducting Phishing using social networking as the lure, and tricking users to download adware.

Social Media to spread Phishing attacks 

With most people being connected Facebook and Twitter from almost everywhere, these channels are most likely to be successfully used to spread Phishing attacks. It makes good sense to be cautious before re-tweeting or sharing on Facebook.

Enterprise Mobility to contribute increase in attacks 

With an enterprise mobility increasing, many organizations are offering different means by which employees can connect and work remotely. The likelihood of receiving Phish mails or SMS on your handheld devices like iPads, Android etc. Is very high. The chances of revealing  information or install malicious malware or Trojans on your system increases as it gets more convoluted  to recognize Phishing messages on a handheld device. It is therefore imperative to pay extra attention when you open emails or text messages on your mobile devices as the infected device connects back to the enterprise network, and can attack the entire network.

The cloud platform to spread spear phishing 

As the concept of cloud computing is becoming an accepted reality now, it is very likely that cloud would become one of the platforms to reach the maximum number of employees inside the organization for (targeted) spear phishing. This could be used to engineer Phishing attacks. For organizations that use services that are in the cloud, a phisher could send out Phish emails targeting specific groups inside organizations. It is therefore advisable to always check back with your IT department if there is an unsolicited contact or requests for data.

Successful Phishing protection and control needs to include law enforcement and employees of targeted businesses so that they are able to recognize scams. Organizations need to look beyond traditional technology controls, and look to continuing education and awareness to fight Phishing attacks.

Preventing Phishing attacks can be an arduous challenge for organizations as these attacks cannot be controlled by merely implementing filters and firewalls. Countermeasures, like reliable anti Phishing software need to be implemented to tackle the increasing technical sophistication of criminals conducting Phishing scams exploiting human vulnerabilities.

Read Also On: Simulated phishing attack

Processing your request, Please wait....

Leave a Reply