Abnormal Security released a report which examines the escalating adverse financial and reputational impact of advanced socially-engineered and never-seen-before email attacks to organizations worldwide. Over the course of the last quarter, researchers saw a significant increase in credential phishing, as well as brute force attacks, which are used to obtain personal information such as passwords, passphrases and usernames through a string of continuous, automated attempts. Once accessed, compromised accounts can be leveraged to send additional attacks to coworkers, partners and vendors, and provide the credentials necessary to infiltrate other parts of the organization. Credential phishing and account takeover is also a major issue because it provides the access needed to launch other more nefarious types of attacks such as ransomware and malware.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased