In response to reports that cybercriminals behind a recently observed phishing campaign used a clever ruse, a bogus NortonLifeLock document, to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes, experts provide their insight below.
Roger Grimes, Data-driven Defence Evangelist, KnowBe4
February 28, 2020
This is another great example of sophisticated phishing that bypasses many technical security controls and people’s common sense. It’s no surprise that social engineering and phishing account for 70% to 90% of all malicious data breaches. The bad guys like to use password-protected documents because any IT inspection tools can’t easily open the document to look for malicious code, so the document swishes right past all the technical defenses. All that is left is for the email and document cover to trick the user into typing in the password and allowing the contained malicious content to execute.

It’s surprising to most IT people that someone could be tricked into ignoring one or more warnings against enabling malicious content, but if those people aren’t educated about what a serious and risky decision it is to enable document active content, they just don’t know. That’s what security awareness training is all about. Even with the right information and education, some people will make the wrong decision, but that percentage is far, far less…near zero. That should be the goal of any security awareness training program — to create a healthy level of skepticism and to help people spot and report suspicious things. Because phishing emails will always make it past your technical defenses, no matter how good they are, you have to make users aware and train them what to do when they see something suspicious.
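The point above about password-protected documents sliding past inspection tools is one a mail gateway can at least partially compensate for: an attachment that cannot be opened for scanning can be flagged and held for review rather than delivered. The script below is an added example, not code from the article, from KnowBe4 or from any mail-security product. It classifies an attachment as an encrypted Office document (Office 2007+ encrypts the OOXML package inside an OLE2/Compound File container that carries `EncryptionInfo` and `EncryptedPackage` streams), an encrypted ZIP (general-purpose flag bit 0 in the ZIP headers), a macro-bearing OOXML file (`vbaProject.bin` inside the package), or plain content. The OLE2 check is a byte-scan heuristic for the UTF-16LE stream names rather than a full directory walk, the function and sample names are mine, and every sample file is constructed in the script itself.

```python
"""Heuristic triage of attachments that scanners cannot open (added example).

Flags password-protected Office documents and encrypted ZIPs so a gateway can
hold them for review instead of delivering content nobody has inspected.
"""
import io
import struct
import zipfile

# OLE2 / Compound File Binary magic that Office's encrypted OOXML wrapper uses.
CFB_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
# Stream names present only in encrypted OOXML containers (stored UTF-16LE).
ENCRYPTED_OOXML_STREAMS = [s.encode("utf-16-le") for s in ("EncryptionInfo", "EncryptedPackage")]
ZIP_MAGIC = b"PK\x03\x04"
ZIP_ENCRYPTED_FLAG = 0x0001  # general-purpose bit 0 in local and central headers

# Gateway policy for each classification (assumed policy, adjust to taste).
ACTIONS = {
    "encrypted-office": "hold-for-review",
    "encrypted-zip": "hold-for-review",
    "office-with-macros": "quarantine",
    "office-binary": "scan-with-ole-parser",
    "plain": "deliver",
    "unknown": "scan-generic",
}


def classify_attachment(data: bytes) -> str:
    """Return a coarse class for the attachment bytes."""
    if data.startswith(CFB_MAGIC):
        # Heuristic: look for the encrypted-package stream names anywhere in the
        # directory sectors instead of walking the FAT chain.
        if any(name in data for name in ENCRYPTED_OOXML_STREAMS):
            return "encrypted-office"
        return "office-binary"  # legacy .doc/.xls or other unencrypted OLE2 file
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                infos = zf.infolist()  # reads the central directory only
        except zipfile.BadZipFile:
            return "unknown"
        if any(info.flag_bits & ZIP_ENCRYPTED_FLAG for info in infos):
            return "encrypted-zip"
        if any(info.filename.lower().endswith("vbaproject.bin") for info in infos):
            return "office-with-macros"
        return "plain"
    return "unknown"


def gateway_action(data: bytes) -> str:
    """Map attachment bytes to the policy action the gateway should take."""
    return ACTIONS[classify_attachment(data)]


# --- constructed samples (not real malware, not real documents) ---------------

def make_plain_docx_sample() -> bytes:
    """Constructed: an unencrypted, macro-free OOXML-style ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", b"<w:document/>")
    return buf.getvalue()


def make_macro_docx_sample() -> bytes:
    """Constructed: an OOXML-style ZIP that carries a VBA project part."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", b"<w:document/>")
        zf.writestr("word/vbaProject.bin", b"placeholder, not a real VBA project")
    return buf.getvalue()


def make_encrypted_zip_sample() -> bytes:
    """Constructed: a ZIP whose headers claim the entry is encrypted.

    zipfile cannot write encrypted archives, so the encryption flag is patched
    into the local header (offset 6) and central directory header (offset 8).
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.docx", b"placeholder payload")
    data = bytearray(buf.getvalue())
    local_flags = struct.unpack("<H", data[6:8])[0] | ZIP_ENCRYPTED_FLAG
    data[6:8] = struct.pack("<H", local_flags)
    cd = data.find(b"PK\x01\x02")
    central_flags = struct.unpack("<H", data[cd + 8:cd + 10])[0] | ZIP_ENCRYPTED_FLAG
    data[cd + 8:cd + 10] = struct.pack("<H", central_flags)
    return bytes(data)


def make_encrypted_office_sample() -> bytes:
    """Constructed: OLE2 magic plus a directory sector naming EncryptionInfo."""
    header = CFB_MAGIC + b"\x00" * (512 - len(CFB_MAGIC))
    directory = "EncryptionInfo".encode("utf-16-le").ljust(128, b"\x00")
    directory += "EncryptedPackage".encode("utf-16-le").ljust(128, b"\x00")
    return header + directory


if __name__ == "__main__":
    for label, sample in (("plain docx", make_plain_docx_sample()),
                          ("macro docx", make_macro_docx_sample()),
                          ("encrypted zip", make_encrypted_zip_sample()),
                          ("encrypted office", make_encrypted_office_sample())):
        print(f"{label:17} -> {classify_attachment(sample):20} {gateway_action(sample)}")
```

The classification is deliberately coarse: a real gateway would hand `office-binary` to a proper OLE parser and would treat `hold-for-review` as a trigger for the user-reporting and awareness process Grimes describes, since the one party who can supply the password is the recipient.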
