The Perfect Phishing Email

Thinking like the bad guys is part of being in cybersecurity. Our ability to anticipate the moves of our opponents is essential, just like in a chess game – except with real business consequences. Drawing on my prediction of worse spam to come in 2020, I had been thinking about the “perfect” phishing email for some time… then, I saw it in the wild! 

I had to share it with you because the common red flags that we train our users to look for were not there. This speaks to the evolution of malicious email, which can now deceive even the most diligent of recipients. Among the first things we instruct our users to check (even before proper grammar and references to foreign royalty 🙂) are:

  1. who it is from (the name, the address, the user name)

  2. what they are asking for / directing you to (the sign-in page, the bank transfer form, the video of your favorite celebrity) 

But this particular hack leaves no indication that either is amiss, and results in the complete compromise of one of your most sensitive accounts – hence, the “perfect” phishing email. Read on to see how this is possible, and what to do about it.

What happens?

Imagine you receive a notification that your CEO has shared a file with you. The notification comes from an established file-sharing system and clearly states that your organization is integrating new software into your environment, which will require you to log in and allow certain permissions. Having verified that the source of the notification is legitimate, you click the link and are redirected to an API integration permissions page (as expected). You gloss over the EULA, and allow the software access to your account so you don’t need to create yet another username

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Adam Mansour. Read the original post at: