Phishing campaigns use these 3 applications as disguises

Phishing campaigns tended to masquerade as one of three common applications during the first quarter of 2018, according to a Rapid7 report.

For the report, the security operations company analyzed cybersecurity threats and patterns that emerged during the first quarter of 2018. During this period, the most common phishing campaigns disguised themselves as DocuSign, Office365 and Dropbox, although other phishing attempts also leveraged applications mimicking Amazon Prime and Apple services.

If a phishing campaign successfully tricks an employee into entering their credentials on an impostor Dropbox portal, for example, the cyberattacker is able to gain remote access to the real Dropbox service using the target's stolen login information. From there, the cyberattacker might be able to access business operations information housed in the employee's Dropbox account.

"By and large, adversaries attempted to steal credentials from employees at larger organizations at nearly three times the rate of smaller organizations, but much of that is likely due to the number of employees available to target," the report reads.

To access Rapid7's report, click here.

More articles on cybersecurity:
DHS issues cybersecurity warning on Philips' CT scanners: 5 things to know
UK NHS to implement Microsoft's Windows 10 under systemwide cybersecurity deal
In wake of WannaCry, NHS assessed 200 facilities on cybersecurity preparedness — None passed

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.