Cyber ​​criminals impersonate internet presences

B2B Cyber ​​Security ShortNews

Share post

Impersonating real websites is a popular method used by threat actors to trick victims into clicking and thereby obtain sensitive data.

In a campaign uncovered by Check Point security researchers, the attackers spoofed the website of an entire trade show. Anga Com is Europe's leading trade fair in the broadband and media distribution industry. More than 22.000 people from 470 companies take part in the international fair. Network operators, outfitters and content providers meet on site to exchange views on all broadband and media distribution issues. This year's event took place on May 23rd and 24th in Cologne. In the wake of such trade fairs, the participants receive the lead lists of the other guests in order to be able to network further.

Lead system as gateway

In the present case, however, cybercriminals have infiltrated the lead system in order to direct participants to a fake website from which they can then steal data. This is not particularly difficult. However, it is interesting that the attackers send the email a few days after the end of the conference in order to simulate an official follow-up. Users can be tricked into clicking on questionable content for many different technical and social reasons. At first glance, a malicious attachment can look like an invoice related to the alleged victim's work or, in this case, fake an official message from a trade fair organizer.

In addition to technical measures such as installing website blockers, companies should invest in the "last line of defense", i.e. their employees. Attackers typically rely on victims not to think twice before clicking and opening something. Security awareness training enables employees to learn how to thwart phishing and other social engineering attacks through vigilance and hands-on practice.

More at KnowBe4.com

 


About KnowBe4

KnowBe4, provider of the world's largest platform for security awareness training and simulated phishing, is used by more than 60.000 companies around the world. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new approach to security education. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped develop the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.


 

Matching articles on the topic

Cyber ​​danger Raspberry Robin

A leading provider of an AI-powered, cloud-delivered cybersecurity platform warns about Raspberry Robin. The malware was first released in the year ➡ Read more

New scam Deep Fake Boss

Unlike classic scams such as the email-based boss scam, the Deep Fake Boss method uses high-tech manipulation ➡ Read more

Classification of the LockBit breakup

European and American law enforcement authorities have managed to arrest two members of the notorious LockBit group. This important strike against the ransomware group ➡ Read more

The Bumblebee malware is back

The Bumblebee malware is being used again by cybercriminals after an absence of several months. IT security experts were recently able to identify an email campaign that used the brand ➡ Read more

Microsoft Defender can be tricked

Microsoft's antivirus program Defender contains a component that is intended to detect and prevent the execution of malicious code using Rundll32.exe. This ➡ Read more

Ransomware attack on IT service providers

A data center owned by the Finnish IT service provider Tietoevry located in Sweden was recently attacked with ransomware. Numerous companies, authorities and universities are ➡ Read more

Threat potential from state actors

The extent of the current threat situation is illustrated by a cyber attack that recently occurred in Ukraine. According to the state ➡ Read more

Critical vulnerabilities at Fortinet

The Federal Office for Information Security (BSI) warns of a security gap in several versions of the Fortinet operating system FortiOS, for example ➡ Read more