One more phishing campaign: The Organization’s Landing Page
As the digital revolution has evolved the work environment, so has the cyber security challenges. With the malicious threats surfacing at an alarming rate, there have been many instances of the evolved versions of cyber threat.
As per the report from the security firm Avanan, the attackers have come up with the new phishing technique where they duplicate the landing page of the target Organizations and try to get the login credentials of the users. To execute the same, the emails are targeted at the users to update their passwords. Once the user clicks the button, they are directed to the phishing page identical to the Organization’s Google domain with pre-populated email address and a Google reCAPTCHA form is added as well to authenticate the legitimacy of the page. The user falls for the trap and ends up being a victim of the attack.
Once the attackers have access to the login credentials, they can then access the individual’s data and other applications in the network. All the personal, financial, medical data may get exposed once the credentials are compromised.
Technology’s potential is vast but it does not limit itself only to the constructive indicators. It can be damaging as well respective to the intent with which it is being applied. Companies are comping up with different cyber security solutions and frameworks to secure their network but it is only a while when the attackers come up with the loopholes to bypass it.
Though the organizations are trying their best to secure their applications and network, the end users as well need to be educated and trained to limit the attacks. Multifactor Authentication, detecting the phishing mails, password protection, legitimacy of the target URLs are some of the ways in which the user can spot the trap at their end.
With the upcoming evolved security threats, we need to be more vigilant and equipped to combat the attacks and protect our data.
Follow on Facebook: Latest Hacking Updates