Thursday September 19, 2024

Advisory ID:  ngCERT-2023-0008

Summary:  Phishing is a type of cyberattack that uses social engineering to persuade potential victims to reveal sensitive information via deceptive emails, text messages, phone calls and/or social media messages. The attacker may be after personally identifiable information (PII), banking details or account credentials, or may aim to trick the victim into downloading malware.

Description:  Such an attack usually starts with a phishing email, a text message (known as smishing) or a direct message (DM) on a social media app that conveys urgency and asks the recipient either to click a link to an external website or to download a file attachment. The linked website is fraudulent and is built to harvest sensitive, potentially damaging information from the victim; the attachment typically carries malware. Another technique, vishing, uses a phone call: the attacker either calls the victim directly or uses an automated system, pretending to be calling from the victim's bank, in order to collect their information and compromise their accounts.

Consequences:  Phishing attacks can lead to identity theft, data theft, account takeover and significant financial losses for the victims and their organisations.

Damage/Probability: CRITICAL/HIGH

Solution:  Some countermeasures against phishing are:
i.        Enable multi-factor authentication (MFA) on every account that supports it; where possible prefer phishing-resistant methods (e.g. FIDO2/WebAuthn security keys or passkeys) over SMS or one-time codes, which can themselves be captured by a phishing page.
ii.       Change passwords regularly, and immediately if you suspect one has been entered on a fraudulent site; never reuse a password across accounts.
iii.      Use spam and phishing filters on incoming email.
iv.      Configure web browser and DNS/web filtering to block known fraudulent websites (most browsers include a safe-browsing feature that warns before a reported phishing site is opened).
v.       Always use "https" when browsing the web (most browsers offer an HTTPS-only mode that refuses plain-HTTP connections). Note that HTTPS only protects the connection: phishing sites routinely obtain valid certificates, so a padlock icon does not prove a site is legitimate; check the domain name itself.
vi.      Use anti-malware software to detect malicious attachments and downloads delivered through phishing emails.
vii.     Organisations should deploy a secure email gateway to filter phishing messages before they reach users, and use security information and event management (SIEM) and endpoint detection and response (EDR) tooling to detect and respond to the credential misuse or malware execution that follows a successful phish.
viii.    Cybersecurity awareness training for staff, so that they can spot characteristic features of phishing scams, such as:
          a.  Poor spelling or grammar
          b.  Requests to transfer money or for personal and payment information
          c.  Suspect file attachments
          d.  Discrepancies in the sender address (e.g. the display name claims one organisation while the address or Reply-To points to another domain)
          e.  A sense of urgency e.g. 'You will lose access to this service in 24 hours...'
          f.   Use of a link-shortening service
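As an added illustration (this script is not part of the ngCERT advisory), the following Python code applies indicators b to f above to a raw email message: it flags Reply-To or Return-Path domains that differ from the From domain, a display name that is itself an address on another domain, urgency phrases, requests for credentials or payment details, shortened or off-domain links, and attachments with risky extensions. The three sample messages, the indicator word lists and the two-finding threshold are constructed assumptions for the example; a real mail gateway would combine heuristics like these with SPF/DKIM/DMARC results and threat intelligence.

```python
"""Score a raw email for the phishing indicators listed in the advisory.

Added example: heuristic only, not a substitute for a mail security gateway.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Phrases that create a sense of urgency (item e). Constructed, not exhaustive.
URGENCY_PATTERNS = [
    r"\b(within|in)\s+\d+\s+hours?\b",
    r"\blose access\b",
    r"\bsuspended\b",
    r"\bimmediately\b",
]
# Requests for credentials or payment information (item b). Constructed list.
CREDENTIAL_RE = re.compile(
    r"\b(password|card number|cvv|wire transfer|bank details|login details)\b", re.I)
# Common link-shortening hosts (item f). Assumption: illustrative list.
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd", "cutt.ly", "rb.gy"}
# Attachment extensions often used to deliver malware (item c). Assumption: illustrative.
SUSPECT_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".hta", ".iso", ".lnk", ".docm", ".xlsm")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def _domain(addr: str) -> str:
    """Lower-cased domain part of an addr-spec, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def score_message(raw: bytes) -> dict:
    """Return the matched indicators, their count and a coarse verdict."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []

    from_name, from_addr = parseaddr(str(msg.get("From", "")))
    from_dom = _domain(from_addr)

    # Item d: sender discrepancies. Replies or bounces routed to another domain,
    # or a display name that is itself an address on a different domain.
    for hdr in ("Reply-To", "Return-Path"):
        _, other = parseaddr(str(msg.get(hdr, "")))
        if other and _domain(other) != from_dom:
            findings.append(f"{hdr} domain {_domain(other)} differs from From domain {from_dom}")
    if "@" in from_name and _domain(from_name) != from_dom:
        findings.append(f"display name {from_name!r} is an address on a different domain from {from_dom}")

    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""

    # Item e: urgency. One finding per message, whichever phrase matches first.
    for pat in URGENCY_PATTERNS:
        if re.search(pat, text, re.I):
            findings.append(f"urgency phrase /{pat}/")
            break

    # Item b: asks for credentials, card or transfer details.
    if CREDENTIAL_RE.search(text):
        findings.append("requests credentials or payment information")

    # Item f: shortened links, plus links that leave the sender's own domain.
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host in SHORTENER_HOSTS:
            findings.append(f"link via shortener {host}")
        elif from_dom and host != from_dom and not host.endswith("." + from_dom):
            findings.append(f"link host {host} is outside sender domain {from_dom}")

    # Item c: suspect attachments, judged by file extension only.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(SUSPECT_EXTENSIONS):
            findings.append(f"suspect attachment {name}")

    # Threshold is an assumption for the example: two or more indicators is suspicious.
    verdict = "suspicious" if len(findings) >= 2 else "low"
    return {"findings": findings, "score": len(findings), "verdict": verdict}


# Constructed sample messages (not real mail); .example domains are reserved.
SAMPLE_PHISH = b"""\
From: "support@firstbank.example" <alerts@secure-notice.example>
Reply-To: recovery@mailbox-reset.example
To: customer@example.org
Subject: Action required
Content-Type: text/plain; charset="utf-8"

Dear customer,
You will lose access to this service in 24 hours unless you verify your
account and confirm your password at https://bit.ly/3xAmpl3
"""

SAMPLE_LEGIT = b"""\
From: "Accounts Team" <accounts@firstbank.example>
To: customer@example.org
Subject: Your statement is ready
Content-Type: text/plain; charset="utf-8"

Your statement is available in online banking at https://online.firstbank.example/statements
"""

SAMPLE_ATTACH = b"""\
From: "HR" <hr@payroll-update.example>
To: staff@example.org
Subject: Updated payslip
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please open the attached file immediately.
--b1
Content-Type: application/octet-stream; name="payslip.pdf.exe"
Content-Disposition: attachment; filename="payslip.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--b1--
"""

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT), ("attachment", SAMPLE_ATTACH)):
        result = score_message(sample)
        print(f"{label}: {result['verdict']} ({result['score']} indicators)")
        for finding in result["findings"]:
            print("  -", finding)
```

Run as a script it prints five indicators for the first sample, none for the second and two (urgency plus the double-extension executable) for the third. The off-domain link check is deliberately strict and will also flag legitimate mail that links to third-party services, which is why scoring several indicators together matters more than any single hit.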

Hyperlink: