Network scammers have started posing as tech support services

New scenarios of targeted phishing attacks aimed at company employees have been recorded in Russia. This is reported by Izvestia with reference to specialists from R-Vision.
The attackers have started posing as technical support staff of various organizations. Their goal is to gain access to employees’ confidential data, R-Vision analysts explain. Attackers are using two main attack scenarios.
The first scenario involves sending emails to employees informing them that the domain address of internal work systems has changed. The email asks employees to follow a link to the new service address and check access to projects using corporate passwords. “Attackers ask employees to follow a link to the allegedly new address of the service to check access to their projects. At the same time, fraudsters ask to use corporate passwords,” said Igor Shvetsov, information security engineer at R-Vision.
The second scenario involves notifying employees of a supposed selective test of users' transition to a new encryption algorithm for working with email.
These attacks are targeted: emails are sent to specific users from a real person in the organization and mention real corporate services. This significantly increases the credibility of these emails and increases the likelihood that the attacks will succeed.
“Attackers have long since moved on to implementing personalized phishing attacks,” said Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technologies and Communications. “This strategy has proven its effectiveness: every tenth cyber incident is due to improper actions of personnel,” the deputy added.
Nemkin said phishing emails can be sent from an organization’s real corporate email address. To do this, attackers only need to hack into a single account. “In 30% of cases, the success of cyberattacks is related to weak employee passwords. This is the highest compared to other categories. Therefore, it is important to create complex passwords and not to use corporate email to register on third-party services,” Nemkin emphasized.
The development of Security Awareness in Russia is a necessary step, according to Nemkin. “These are educational courses aimed at developing employees’ digital competencies, including information security. Such platforms already exist in Russia and should be integrated into corporate training systems,” he concluded.