Cybercriminals keep up with the times: fake call centers and neural networks in the service of evil

✨ Megiddo

Positive Technologies: the verification call to the bank no longer works.

Positive Technologies experts analyzed current cybersecurity threats in the third quarter of 2023. They found that attackers are increasing the complexity of social engineering tactics and using new fraudulent schemes to deceive users.

Social engineering is an attack method based on the manipulation of human emotions and trust. According to the study, this is the main threat to individuals (92%) and one of the main attack vectors for organizations (37%). In the third quarter of 2023, attackers used various social engineering channels in successful attacks on individuals. Most often, criminals used phishing sites (54%) and emails (27%), and also built fraudulent schemes on social networks (19%) and instant messengers (16%).

Global statistics show that cybercriminals are increasingly using attachments with the .pdf extension to bypass email security systems. Attackers embedded malicious links in PDF files, additionally masking them using QR codes in a number of attacks.

“In the third quarter of 2023, scammers actively exploited the topics of employment, delivery services, political events and quick earnings, including through cryptocurrencies, for phishing purposes,” says Roman Reznikov, a specialist in the research group of the Positive Technologies Analytics Department. “Cybercriminals have used platforms that provide tools to conduct phishing attacks. One such platform, EvilProxy, carried out a large-scale campaign targeting the management of more than 100 companies around the world: 65% of the victims were senior management, and the remaining 35% had access to financial assets or confidential company data.”

The study also reports a new fraudulent scheme identified at a bank in South Korea. It combines several methods of deception: for example, the malicious Letscall toolkit pairs phishing sites with voice fraud (vishing). Cybercriminals used a fraudulent site that imitated Google Play to distribute spyware. The spyware not only collected information about the infected device, but also redirected calls to a fraudulent call center if the victim noticed suspicious activity and called the bank. The false operator, relying on the information collected by the spyware, reassured the victim and tricked them into handing over additional data or forced them to transfer money to a fraudulent account. If cybercriminals adopt this method en masse, a verification call to the bank will become almost meaningless, Positive Technologies noted.

Experts recommend remaining vigilant online and not clicking on suspicious links or downloading attachments from unverified sources. They also predict an increase in the number of attacks using neural networks, which are gradually expanding attackers' arsenal. Cybercriminals not only seek to circumvent ChatGPT's restrictions on malicious content, but are also creating their own toolkits. For example, WormGPT, a generative neural network for phishing and BEC attacks, was created by attackers on the basis of the open-source GPT-J language model specifically for illegal activities. With its help, even an unskilled attacker can automate the creation of convincing fake emails and sustain long-running attacks with meaningful correspondence in any language.

In addition, the study reveals new tactics used by ransomware operators: “double listing” and “legal blackmail.”