The Department of Homeland Security believes that phishing continues to be one of the most dangerous forms of cybercrime in the present time. Secretary Jeh Johnson, while giving a speech at the Financial Crimes and Cyber Security conference, said that many people are still falling victim to this form of attack.
In the recent past, experts have been issuing warnings that cyber criminals are increasingly using phishing to carry out attacks. Some of the most sophisticated attacks in the recent past have been associated with simple spear phishing attacks. The attackers have managed to send spoofed emails to their targets. Given the propensity of people to get carried away easily, simple phishing attacks have led to major hacks.
Spear phishing is a variant of phishing in which an attacker identifies specific individuals. The attackers then send seemingly genuine email messages to the target. Once the target falls into the traps of the attackers, it becomes easy for the attackers to steal the personal data of the victim.
Change of Tactics
Experts have currently been warning that attackers are changing the way in which they carry out phishing attacks. For the last few decades during which criminals have been staging phishing attacks, the approach has been to steal personal information. Criminals have constantly been attempting to fool people into clicking on links that lead specially-made data mining websites. The criminals have then been using the data to perform all types of crimes.
However, as the Homeland Security notes, hacker are changing the way they stage phishing attacks. In the first place, hackers are increasingly resorting to using spear phishing tactics against their victims. This means that criminals are more likely to target specific individuals in their attacks rather than the general public as it has been the norm. Hackers are increasingly targeting high-ranking individuals in governments or organisations.
Third, hackers are increasingly using this form of attacks to spread malware. It has now become common for hackers to use spear phishing as a method of planting malware on the devices of their targets. The prospect of getting paid by their victims is the main factor that has led to the change in tact from seeking to steal data to attempting to plant ransomware in devices.
Need for Training
One thing that the Homeland Security Department chief notes is the need for organisations to train their staff. Staff training helps to sensitise individuals about the dangers that they face when they are online. Besides, it is only through training that organisations, governments and other stakeholders can help the general public to stay safe.