Dubai PR Network, Online Press Release from Dubai and Middle East
Technology, Computers & IT(Technology)
Filter PR by

Positive Technologies: government agencies and the defense industry are favorite targets of phishing attacks

Positive Technologies: government agencies and the defense industry are favorite targets of phishing attacks

Dubai, UAE: 20/02/2024 - Positive Technologies experts analyzed phishing attacks against organizations in 2022–2023. Most often, in phishing messages, criminals pose as contractors. The phishing-as-a-service model has become common practice. Experts predict an increase in the role of AI in both conducting and preventing phishing attacks. 

The main objectives of phishing attacks are data theft (85%) and financial gain (26%). One of the channels where criminals can sell the stolen sensitive information is the dark web, where the demand for personal data and credentials of companies' employees and clients is traditionally high. Information can also be stolen for the purpose of spying on an organization or country. 

A particular focus of the research is on hacktivists who have become especially active in the midst of the current geopolitical situation. Their main objective is to harm a victim by any means possible, as was the case with the attack on Iran's petrol stations last December, allegedly carried out by an Israeli APT group.

Phishing-as-a-service has become commonplace, a trend our experts forecasted several years ago. Today, phishing-as-a-service is used by professional APT groups, savvy independent attackers, and even newcomers without any special knowledge or skills. Positive Technologies analyzed messaging apps and forums on the dark web where social engineering was mentioned. The analysis showed that the most popular requests and offers were related to ready-made phishing projects, tools for conducting phishing attacks, and the development of phishing web pages.

The majority of phishing attacks are carried out through email (92%), but criminals can adapt to the particularities of the target company and use messaging apps (8%) and SMSs (3%) to deliver their malicious messages. A common attack scenario involves impersonating a company executive or employee through various communication channels. To create a fake profile for sending malicious messages, an attacker only needs to have the name and photo of the target organization's executive or employee. 

'Phishing is mainly evolving through the automation of attacks with the help of AI tools,' says Alexey Lukatsky, Information Security Business Consultant at Positive Technologies. The AI tools are becoming increasingly popular and are used both by cybersecurity experts to counter cyberthreats and by criminals to prepare and execute phishing attacks. Cybercriminals use AI to maintain engaging and relevant dialogues with their targets, generate convincing phishing messages, and create deepfakes of voices, images, and videos.'

More than half of the phishing attacks examined in this study were targeted at a specific organization, industry, or country. Most often, attackers target government agencies (44% of incidents with industry-specific targeting) and military enterprises (19%). Rounding out the top three primary targets of phishing attacks are organizations in the field of science and education (14%). 
According to the research, criminals most often pose as contractors (26% of attacks). 'They send fake reconciliation statements, invoices, contract renewal documents, and other data related to interactions between contractors,' comments Ekaterina Kosolapova, Information Security Analyst at Positive Technologies. This tactic is widespread because it is applicable to almost all organizations and legitimates the presence of links or attachments in the message. In 58% of attacks, such lures were sent without reference to a specific industry. However, this method is used more than any other in targeted attacks on medical, financial, industrial, and telecommunication organizations.' 
To prevent, detect, and respond to phishing attacks, experts suggest that companies educate their employees on cybersecurity and conduct phishing simulations. We also recommend using reputation mechanisms based on security solutions like SWG (Secure Web Gateway), NGFW (Next Generation Firewall), and SASE (Secure Access Service Edge), as well as EDR (Endpoint Detection & Response) solutions and sandboxes for mail traffic and protection against phishing, built into popular browsers or implemented through additional plugins. Basic cyberhygiene on personal computers and mobile devices should not be neglected either, such as regularly updating software and granting minimal privileges to applications


Posted by : Editorial Team
Viewed 10152 times
PR Category : Technology
Posted on : Tuesday, February 20, 2024  12:24:00 PM UAE local time (GMT+4)
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of
Previous Story : Ogilvy research reveals vast extent and untapped potential o...
Next Story : National Search and Rescue Centre successfully concludes 3rd...
Email this article Print this article

Share this article with your friends and followers
Back to Section Home

Related Stories

Most Viewed Press Release posted in the last 7 days
Mitch Evans Looks For Another Italian Triumph As Formula E Descends On Rimini Debut - Wher... [22935-Views]
Khabib's Official Training Gloves Will Be Sold at Tooba Charity Auction in Dubai [22423-Views]
Oliver rowland wins misano e-prix opener after antonio felix da costa disqualification [20188-Views]
Victory for Pascal Wehrlein after last Lap Heartbreak for Rowland [18532-Views]
Formula E and FIA to unveil new gen3 evo race car at upcoming monaco E-prix [15420-Views]
Henry Jacques launches Collection de l'Atelier [10332-Views]
Tag Heuer Monaco Split-Seconds Chronograph: Watches & Wonders 2024 [8922-Views]
The Tortue Watch: A Perpetually Reinvented Timepiece [8799-Views]
Nikai unveils next-generation Google TVs redefining home entertainment [8430-Views]
South Indian Cinema Megastars Rana Daggubati, Rockstar DSP Akul Balaji, Vijay Raghavendra,... [8257-Views]
Mansour bin Mohammed congratulates Hamdan bin Mohammed on the Qatar-UAE Super Shield crown [8032-Views]
Goodbye to the Grrr-Eight One: Jeep® Brand Announces 2024 Wrangler Rubicon 392 Final Editi... [6560-Views]
Sivakov takes final stage of Giro D'Abruzzo [6421-Views]
Kia wins prestigious 2024 Car Design Award for Brand Design Language with ‘Opposites Unit... [6138-Views]
Abt Joins Forces With Lola And Yamaha For Formula E's Ground-Breaking Gen3 Evo Era [5707-Views]
Swiss International School Dubai students get seven-star work experience at Burj Al Arab [5654-Views]
World Future Energy Summit Opens with Collective Call for Collaboration on ‘Pathway to 1.5... [5572-Views]
Hitachi Energy unveils cutting-edge solutions at Middle East Energy 2024 [5531-Views]
Zone in with oakley® latch panel: Take Control Of The Chaos With New Lifestyle Sunglasses [5531-Views]
Parmigiani Fleurier – New TORIC Collection [5445-Views]
Turkish Airlines closes 2023, carrying 83.4 million passengers with a 23.5% increase in do... [5314-Views]
AUS secures top spots in academic and employer reputation in UAE, announces QS World Unive... [5277-Views]
Heritance Aarah Maldives: Your Summer Culinary Getaway [5207-Views]
Eternal Elegance: Casadei Unveils The Enchanting 2024 Bridal Collection [5166-Views]
Jan Christen takes first professional victory at Abruzzo [5162-Views]
RSS Facebook Twitter LinkedDin on Instagram
Top Sections
Top Stories