Source: Recorded Future
Phishing pages targeting financial institutions have historically included functionality for collecting bank account login credentials, bank account information, payment card data, additional personally identifiable information (PII), and browser fingerprints. As threat actors continue to improve their methods, phishing pages have been seen with additional functionality designed to increase victim’s “trust” in the phishing pages and to increase threat actors’ capacity to pivot to second-stage fraud schemes.
Read the full Report
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, phishing is by far the most common attack performed by cybercriminals, the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland