New tricks to deliver phishing attacks

VARINDIA
Published on: Jun 28, 2023
15 views

Cyber criminals are trying new methods to help ensure phishing attacks are successful. The phishing emails infect victims with malware -- and they're doing so by experimenting with a new method of delivering the malicious payload. India has become one of the most frequently targeted countries for ransomware attacks this year.


As per the report from Proofpoint, there's been a rise in cyber attackers attempting to deliver malware using OneNote documents, a digital notebook signified by .oneextensions that is part of the Microsoft 365 office applications suite.


The question is why is phishing so favourite among black hats?


Because it plays as what has been often described as cybersecurity’s “weakest link”. The 2022 DBIR revealed, 82% of breaches involved the human element, and that largely means employees being duped into clicking on malicious links and diving into fraudulent sites.


That's why it’s important that all companies know how to spot some of the most common phishing scams if they are to protect their corporate information. It’s also crucial that their employees are familiar with some of the most common types of techniques that malicious actors use to pull off these scams.


After all, they are the ones on the front line. However, it’s unfair to put all the blame on humans as weak security measures account for much of the exploits that slip through. A person can’t click on what’s not there, so email security platforms, digital risk protection, and anti-phishing solutions are a key element. However, you can’t defend against what you don’t understand.


Researchers warn that it's likely these campaigns have a high rate of success if the emails aren't blocked -- and that more cyber-threat groups are likely to adopt this technique to successfully deliver phishing and malware campaigns.

Today's Headline in NewsHours
0:00 Intro
2:2

#hackers  #cybersecurity  #Varindia  #cybercriminals  #varindianewshour  #Proofpoint  #Microsoft365office  


Category:

Technology

<iframe src="https://veblr.com/embed/3015929f7c33cd/new-tricks-to-deliver-phishing-attacks?autoplay=true&autoplaynext=true" class="strobemediaplayback-video-player" type="text/html" width="640" height="384" scrolling="no" frameborder="0" allowfullscreen></iframe>
  • Up next

    Increasing social engineering attacks - Smishing, vishing, and phishing | VARINDIA News Hour

    Increasing social engineering attacks - Smishing, vishing, and phishing | VARINDIA News Hour

    We live in a world that’s becoming more digitally dependent. Right from our social interactions to professional interchanges and financial transactions, most take place digitally. Smishing and vishing are two types of fraud that use SMS (smishing) and voice (vishing) to trick people into giving up money or personal information. They’re “social engineering attacks,” meaning that in a smishing or vishing attack, the attacker uses impersonation to exploit the target’s trust. Because 96% of phishing attacks arrive via email, the term “phishing” is sometimes used to refer exclusively to email-based attacks. A recent survey revealed some alarming numbers about Indian companies managing personal identifiable data and electronic health records. While digital resources are enabling, they also leave us vulnerable to cyber criminals as a lot of information regarding our personal and professional lives rests in the digital domain. Cyber insurance or cyber security insurance provides coverage from activities such as identity theft, unauthorized transactions, and more. Buying a cyber insurance policy can safeguard against online frauds. The policy can be bought by anyone who is 18 years and above and can be bought for family members. Nearly 58% of Indian companies have not opted for cyber insurance yet, indicating lack of awareness about cyber-attacks and cyber risk management strategies. The survey by RIMS and JB Boda Group says, as more attacks on utilities and industrial systems emerge, with Ransomware involved, it no longer is an IT related issue, but of the CFO and board.

    The COVID-19 pandemic has triggered digital transformation across companies, leading to the creation of a complex IT landscape in the form of public clouds, unfamiliar home networks, external systems connected through APIs, along with a plethora of access points into their sphere of monitoring and

    By VARINDIA | 19 views

  • Phishing attacks threatening industries

    Anyone who uses the internet or phones can be a target for phishing scammers. In the last year, cyber criminals delivered a wave of cyberattacks that were not just highly coordinated, but far more advanced than ever before seen. #Cybersecurity incidents are not only growing more prevalent but are also becoming more costly.

    Simple endpoint attacks became complex, multi-stage operations. Ransomware attacks hit small businesses and huge corporations alike. Crypto-mining attacks gave cyber criminals an easy foothold into company networks.

    Across the web, phishing attacks have baited unsuspecting victims into handing over bank info, social security numbers, and more. Plus, cybercriminals have become even savvier with their disguises. Sometimes these scams hide behind voices you know and trust, like your co-workers, your bank, or even your government. If you so much as click a link, you could be the scammer’s next victim.

    The most common scenario is:

    · You open your email and suddenly an alert from your bank appears in your inbox. When you click the link in the email, you are taken to a webpage that looks, more or less, like your bank.

    · Here’s the catch: this site is actually designed to steal your information. The alert will say there is a problem with your account and ask you to confirm your login and password.

    · After entering your credentials on the page that appears, you are usually sent to the actual institution to enter your information a second time. By steering you to the legitimate institution, you don't immediately realize your information was stolen.

    LinkedIn is a tempting target to spoof because the networking site often sends out emails with updates about your profile, your job search results and other topics. Since LinkedIn users are comfortable receiving emails, cybercriminals can more easily send out messages with links to phishing sites.

    #Microsoft was the second most spoofed b

    By VARINDIA | 15 views

  • Easy Bar Tricks RED BULL SUCTION In Hindi | Bar Tricks in Hindi | Learn Bartending | Dada Bartender

    #Bartricks #FlairBartending #CocktailsIndia
    Simple and easy bar tricks RED BULL SUCTION
    In this tutorial, I explained how to do flair moves that I believe make the biggest impact on your guest. Always be smart when you do flair behind the bar. Keep in mind that still the biggest tips you make by providing exceptional service to your guests. But if you use this moves from this video it sure will make guests impressed!

    Please consider subscribing!

    And hit me up if you would like to be on my channel.

    Affiliate Link
    ********************************************************************
    My Camera: https://amzn.to/2TRIiUe

    My Sound: https://amzn.to/2U8ITQF

    My Lens: https://amzn.to/2OkIRjt

    My light setup: https://amzn.to/2CAoNoF

    By Cocktails India | 16728 views

  • Mixing Double Autotune Tricks | Reverb Tricks | Fl Studio in Hindi

    Video Samjhne k liye Pichla Video Jarur Dekhe

    Join Music Online 40days Private Course Tips and tricks in just 5000 Only

    contact us for Recording/Rap Paid Classes/Music BEAT : 07404937788 Only Whatsapp
    My Computer Specifications
    2 RAM OF 8gb https://amzn.to/2sXAC6A
    keyboard Mouse https://amzn.to/37I9xms
    Graphic Card https://amzn.to/2N8wtDP
    Processor https://amzn.to/39Qv1Q3
    Cbinet : Panta
    Motherboard : https://amzn.to/35wy4cH
    lED tV https://amzn.to/2sXYnvk
    tV 2nd : https://amzn.to/2sPHrHs
    Camera http://amzn.to/2iwShtl
    Mic http://amzn.to/2jHpPIV
    Cheap Mic : https://amzn.to/35Bb2BD
    Headphones : https://amzn.to/30c2mAN
    Laptop http://amzn.to/2jEDW1o
    Speakers Monitors http://amzn.to/2hKeW8i
    Interface http://amzn.to/2j6WW4G
    My 4k Drone https://amzn.to/2V6QaP1
    Cheap Audio Interface 2 Mic : http://amzn.to/2kkYImW
    Cheap price Interface 4 Mic http://amzn.to/2Bz1b0B
    Cheap Near Field Monitors http://amzn.to/2BHAKXq

    Best Rap Song
    1. https://www.youtube.com/watch?v=EdkbCNG-bZw
    2. https://www.youtube.com/watch?v=xFnwJEKNsLg
    3. https://www.youtube.com/watch?v=FHTp5pRR138

    #gurubhairapsongs #gurubhairapper #gurubhaimusic

    Mixing Double Autotune Tricks | Reverb Tricks | Fl Studio in Hindi

    By GuRu Bhai-Music | 270 views

  • No organization is safe from the ever-growing Zero-day malware and phishing

    No organization is safe from the ever-growing Zero-day malware and phishing

    No organization is safe from the ever-growing Zero-day malware and phishing

    By VARINDIA | 17 views

  • Cybercrooks are using phishing-as-a-service (PhaaS) for striking the attack

    #PiyushGoyal #cyberattacks #singlewindowsystem

    PhaaS striking cyberattacks


    Cybercrooks are using phishing while it is still a major tactic used by attackers. It’s so easy to get started thanks to phishing-as-a-service (PhaaS) offerings by cybercrooks. Microsoft has released a report on one of them, called BulletProofLink, which sells phishing kits, email templates, hosting, and automated services at a relatively low cost. Phishing kits are nothing new, but this phishing-as-a-service caught the attention of Microsoft's security teams because it lowers the bar to quality phishing even more. With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today, the report says. With this the cyber insurance industry is likely to go mainstream and is a simple cost of doing business.



    The report further states, if the ransomware buyer is lucky, the credentials can include passwords for high-value admin accounts, allowing for greater movement within a compromised network. These phishing service providers host the links and pages and attackers who pay for these services simply receive the stolen credentials later on. Unlike in certain ransomware operations, attackers do not gain access to devices directly and instead simply receive untested stolen credentials, the Microsoft 365 Defender Threat Intelligence Team notes in a blogpost. Microsoft has published its research on this operation to help customers refine email-filtering rules and adopt security technologies it offers. While phishing kits are sold once in a ZIP file with phishing templates to set up a bogus login page or emails, phishing-as-a-service includes the whole package. Ransomware service provider models are also influencing how phishing businesses operate. One notable ransomware technique is to steal data before encrypting it and then either

    By VARINDIA | 34 views

  • Phishing Links are Sent Via Microsoft Customer Voice

    In India where an organization is being attacked on average 1742 times per week in the last 6 months, compared to 1167 attacks per organization globally and where 70% of the malicious files in India were delivered via email in the last 30 days, this new means of phishing is one to take note of.

    In Check Point Software’s recent Q3 Brand Phishing Report, it was revealed that Microsoft was the second top brand ranked by their overall appearance in brand phishing attempts, bringing proof to the point of phishing attempts on Microsoft software.

    In this attack brief, researchers at Avanan, a Check Point Software Company discuss how hackers are using Microsoft’s Dynamic 365 Customer Voice to send phishing links.

    In this attack, #hackers are using spoofed scanner notifications to send malicious files. Avanan has seen hundreds of these attacks in the last few weeks. According to the study

    · The Vector is Email

    · Type is Credential Harvesting

    · The Techniques are Social Engineering, Impersonation

    · And the Target are Any end-user

    Hackers continually use what we call The Static Expressway to reach end-users. In short, it’s a technique that leverages legitimate sites to get past security scanners. The logic is: Security services can’t outright block Microsoft–it would be impossible to get any work done. Instead, these links from trusted sources tend to be automatically trusted. That has created an avenue for hackers to insert themselves.

    As per the researcher, they have observed this type of attacks, whether it’s Facebook, PayPal, QuickBooks or more. It is incredibly difficult for security services to suss out what is real and what is nested behind the legitimate link. Plus, many services see a known good link and, by default, don’t scan it. Why scan something good? That’s what hackers are hoping for.

    This is particularly a tricky attack because the phishing link doesn’t appear until the f

    By VARINDIA | 32 views

  • AIT Phishing: Defending Against Advanced Threats

    #There has been a significant rise in cyber threats from SMS traffic or artificial inflated traffic (AIT), compelling the enterprises to pay up for unauthorized messages, or traffic generated by fraudsters via applications or bots, to infiltrate telecom networks via CPaaS (communication-platform-as-a-service) providers.

    CPaaS, or Communications Platforms as a Service, has emerged as a valuable solution for companies searching for more customizable technology stacks. AIT (artificial inflated traffic) is accounted for over 20% of global traffic in 2022, and estimates suggest a 40% rise in AIT-related incidents in 2023.

    Today's Headline in News Hours
    0:00 Intro
    3:06 #Google announces Accelerator programme for ONDC
    3:35 #Twitter increases tweet character limit to 25,000 for Blue users
    4:05 #Infosys using generative AI to handle 50 client projects
    4:30 #Cognizant and ServiceNow announce partnership for adoption of AI-driven automation
    5:02 Mukesh Ambani to unveil the cheapest 5G smartphone in India


    Follow Us On :-

    Website:https://varindia.com/

    https://www.facebook.com/VARINDIAMagazine/

    https://twitter.com/varindiamag

    https://www.instagram.com/varindia/

    https://www.linkedin.com/company/14636899/admin/

    https://in.pinterest.com/varindia/

    https://varindia.tumblr.com/

    Visit on https://varindia.com/ to know more

    Labels & Copyrights :- VARINDIA


    #varindia #news #newshour #technews #unauthorized #SMS #cyberthreats #India #smartphone #MukeshAmbani #partnership #ServiceNow #Cognizant #generativeAI #Infosys #Twitter #ONDC #programme #Google #AIT #CPaaS #AITPhishing #AdvancedThreats #CyberSecurity #DataProtection #PhishingAttacks #CyberThreats #CyberDefense #SecuritySolutions #DigitalSafety #AIProtection

    AIT Phishing: Defending Against Advanced Threats

    By VARINDIA | 25 views

  • Hacking Tutorial for beginners in Telugu Part 9| What is a phishing attack?

    What is a phishing attack?

    hafiztime
    hafiz telugu videos
    Watch Hacking Tutorial for beginners in Telugu Part 9| What is a phishing attack? With HD Quality

    By Telugu TechTuts | 922 views

VARINDIA's

  • AI is used Towards Client AI Processing

    #Artificialintelligence is increasingly being used for client AI processing. This means that AI models are being trained and deployed on client devices, such as smartphones, laptops, and IoT devices. This has a number of advantages, including, Reduced latency, Improved privacy and Reduced bandwidth usage.


    Traditionally, AI processing has been conducted by massive clusters of servers in the cloud or data centers. This is because AI models can be very large and complex, and they require a lot of computing power to train and run.

    AI is used Towards Client AI Processing

    By VARINDIA | 289 views

  • Can Google’s tools combat online misinformation

    #Google's efforts to combat misinformation are important because misinformation can have a negative impact on society. It can undermine trust in institutions, lead to violence, and harm democracy. By developing new tools and initiatives, Google is helping to make the internet a safer and more informed place for everyone.

    Google has recently unveiled three new tools to combat online misinformation:

    · About this Image: This feature, which was initially unveiled earlier in 2023 and is now available globally to English-speaking users through Google Search, provides information about images, including their history, descriptions by users, metadata, and clear indications if an image is generated by AI. Google's AI-generated images are also clearly labelled.

    · Fact Check Explorer: This tool allows journalists to verify images by tapping into information from independent organizations.

    · AI-generated source descriptions within the Search Generative Experience: This feature provides original sources and insights from reputable publications, which are accessible through the "More About This Page" section in search results.

    Can Google’s tools combat online misinformation

    By VARINDIA | 173 views

  • Increasing online Frauds

    Recent developments in the technology landscape, including the acceleration of automation, artificial intelligence, and the digitization of industries, are transforming the nature of work. These challenges have immediate and far-reaching implications for India's economy, society, and future prospects.


    The Tech Tsunami, characterized by rapid technological advancements, has the potential to drive unprecedented growth and innovation. However, if not harnessed effectively, it could lead to job shrinkage, job displacement and job reduction further leading to increased economic inequality.

    Today's Headline in NewsHours
    0:00 Intro
    3:07 Online gaming firms sent tax notices worth INR 1 lakh cr
    3:36 Government plans to introduce regulatory sandbox for OTT apps
    4:05 #Microsoft pulling the plug on its metaverse project
    4:33 #HMD Global to manufacture own brand of smartphones in India in 2024
    5:00 #TechMahindra’s CEO designate Mohit Joshi announces restructuring


    Follow Us On :-

    Website:https://varindia.com/

    https://www.facebook.com/VARINDIAMagazine/

    https://twitter.com/varindiamag

    https://www.instagram.com/varindia/

    https://www.linkedin.com/company/14636899/admin/

    https://in.pinterest.com/varindia/

    https://varindia.tumblr.com/

    Visit on https://varindia.com/ to know more

    Labels & Copyrights :- VARINDIA

    Increasing online Frauds

    By VARINDIA | 182 views

Govt./PSU

  • Launch of Gujarat Election Campaign in Ahmedabad

    Launch of Gujarat Election Campaign in Ahmedabad.

    #CongressNuKaamBoleChe

    Declaration:
    This video is an intellectual property belonging to the Indian National Congress. Please seek prior permission before using any part of this video in any form.


    For more videos, subscribe to Congress Party channel: https://www.youtube.com/user/indiacongress


    Follow Indian National Congress!

    Follow the Indian National Congress on
    Facebook: https://www.facebook.com/IndianNationalCongress
    Twitter:https://twitter.com/INCIndia
    Instagram: https://www.instagram.com/incindia/
    YouTube: https://www.youtube.com/user/indiacongress

    Follow Rahul Gandhi on

    YouTube: https://www.youtube.com/c/rahulgandhi/
    Facebook: https://www.facebook.com/rahulgandhi/
    Twitter: https://twitter.com/rahulgandhi/
    Instagram: https://www.instagram.com/rahulgandhi/

    Launch of Gujarat Election Campaign in Ahmedabad

    By Indian National Congress | 170531 views

  • GAIL bringing INDIA together

    GAIL India increasing it's capacity and serving all over INDIA.

    Watch GAIL bringing INDIA together With HD Quality

    By GAIL Social | 727349 views

  • Special Briefing on the Visit of President of Maldives to India (August 02, 2022)



    Special Briefing on the Visit of President of Maldives to India (August 02, 2022)

    By Ministry of External Affairs, India | 194347 views

  • India observes Independence Day with patriotic fervour

    Prime Minister Narendra Modi
    ---------------------------------------------------------------------------
    ►Subscribe https://goo.gl/C3hVED | to Prime Minister Office’s official Youtube channel.

    Get the latest updates ???? from PM’s Office: news, speeches, public outreach, national events, official state visits, PM’s foreign visits, and much more...

    You can also connect with us on the official PMO website & other Social Media channels –
    ►Website – http://www.pmindia.gov.in
    ►Facebook – https://www.facebook.com/PMOIndia
    ►Twitter – https://twitter.com/PMOIndia
    ►Instagram – https://www.instagram.com/pmoindia

    India observes Independence Day with patriotic fervour

    By PMOfficeIndia | 248685 views

  • Press Conference by Union Minister of Jal Shakti Shri Gajendra Singh Shekhawat at BJP HQ.

    Subscribe Now - http://bit.ly/2ofH4S4 Stay Updated! ????


    • Facebook - http://facebook.com/BJP4India
    • Twitter - http://twitter.com/BJP4India
    • Instagram - http://instagram.com/bjp4india
    • Linkedin- https://www.linkedin.com/company/bharatiya-janata-party/

    Press Conference by Union Minister of Jal Shakti Shri Gajendra Singh Shekhawat at BJP HQ.

    By Bharatiya Janata Party Delhi | 73917 views

  • NTPC Empowering through Self Employment Opportunities (Updated Version, 11.10.2019)

    NTPC is the largest power generating company of India that also works towards enhancing and bringing qualitative changes in the communities around its projects. One of the key focus areas by which NTPC is bringing change in nearby communities is empowering women by providing them training in various areas for self employment .

    This is story of Sridevi from Telangana- her transformation from a diligent housewife to a successful entrepreneur.

    A success story of empowerment with help of NTPC’s CSR initiative.

    Watch NTPC Empowering through Self Employment Opportunities (Updated Version, 11.10.2019) With HD Quality

    By NTPC Limited | 7184880 views

Trending Now

Daily Mirror

  • Bikaner News | लोकसभा चुनाव को लेकर कांग्रेस की तैयारी, कार्यकर्ताओ से पार्टी प्रभारी ने की चर्चा

    #bikanernews #preparations #loksabhaelections #partyincharge #discussed #latestnews #breakingnews #news

    Watch JAN TV on :
    Tata Play DTH : 1185
    Airtel DTH: 355
    JIO Fiber: 1384
    https://www.youtube.com/jantvindia/live

    Make sure you subscribe to our channel and never miss a new video:
    https://www.youtube.com/jantvindia
    https://www.facebook.com/jantvindia
    https://www.instagram.com/jantvindia/
    https://twitter.com/JANTV2012
    http://www.jantv.in

    Jan TV Live | Hindi News LIVE 24X7 | Jan TV Live | Hindi news 24X7 LIVE
    Jan TV | Hindi News Jan TV Live | Jan TV News | Jan TV Live
    News Credit -VKJ

    Bikaner News | लोकसभा चुनाव को लेकर कांग्रेस की तैयारी, कार्यकर्ताओ से पार्टी प्रभारी ने की चर्चा

    By JANTV RAJASTHAN | 226 views

  • Manali Himachal Pradesh | टूरिज्म इंडस्ट्री में खुशी,जन-जीवन अस्त-व्यस्त, मनाली में भारी बर्फवारी

    #manali #himachalpradeshnews #tourism #industry #disrupted #heavysnowfall #latestnews #breakingnews #news

    Watch JAN TV on :
    Tata Play DTH : 1185
    Airtel DTH: 355
    JIO Fiber: 1384
    https://www.youtube.com/jantvindia/live

    Make sure you subscribe to our channel and never miss a new video:
    https://www.youtube.com/jantvindia
    https://www.facebook.com/jantvindia
    https://www.instagram.com/jantvindia/
    https://twitter.com/JANTV2012
    http://www.jantv.in

    Jan TV Live | Hindi News LIVE 24X7 | Jan TV Live | Hindi news 24X7 LIVE
    Jan TV | Hindi News Jan TV Live | Jan TV News | Jan TV Live
    News Credit -VKJ

    Manali Himachal Pradesh | टूरिज्म इंडस्ट्री में खुशी,जन-जीवन अस्त-व्यस्त, मनाली में भारी बर्फवारी

    By JANTV RAJASTHAN | 157 views

  • Nitish Kumar की जगह Jitan Ram Manjhi को CM बनाएंगे BJP ! Mukesh Sahani | Bihar News | #dblive

    Nitish Kumar की जगह Jitan Ram Manjhi को CM बनाएंगे BJP ! Mukesh Sahani | Bihar News | #dblive

    #HindiNews | #BreakingNews | #Watch | #video |

    Get paid membership : https://www.youtube.com/channel/UCBbpLKJLhIbDd_wX4ubU_Cw/join
    DB LIVE APP : https://play.google.com/store/apps/details?id=dblive.tv.news.dblivetv.com
    DB LIVE TV : http://dblive.tv/
    SUBSCRIBE TO OUR CHANNEL: https://www.youtube.com/channel/UCBbpLKJLhIbDd_wX4ubU_Cw
    DESHBANDHU : http://www.deshbandhu.co.in/
    FACEBOOK : https://www.facebook.com/DBlivenews/
    TWITTER : https://twitter.com/dblive15
    ENTERTAINMENT LIVE : https://www.youtube.com/channel/UCyX4qQhpz8WQP2Iu7jzHGFQ
    Sports Live : https://www.youtube.com/channel/UCHgCkbxlMRgMrjUtvMmBojg

    Nitish Kumar की जगह Jitan Ram Manjhi को CM बनाएंगे BJP ! Mukesh Sahani | Bihar News | #dblive

    By DB Live | 154 views