As people get better at identifying potential threats in their inbox, threat actors must evolve their methods. Their new M.O.? Social engineering.
According to cybersecurity researchers at Proofpoint, if recent news has taught us anything, it's that this is working.
Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
Over the past few months, the Singapore Police Force have issued a number of advisories around social engineering scams, ranging from false advertisements for cleaning services -- where victims were asked to download an application to their mobile devices which contained malware to steal personal credentials -- to scammers impersonating business partners or employees to get victims to help with payment requests, with losses amounting to at least $70.8 million.
In a bid to better understand just how cybercriminals are exploiting the human element, cybersecurity researchers at Proofpoint have released their 2022 Social Engineering report, which analyses key trends and techniques of socially engineered cyber threats observed over the past year.
The report also reveals how popular and trusted services such as Google Drive and Discord are frequently abused by threat actors to convince victims, and highlights five reasons victims fall prey to these scams:
- Threat actors spend time building trust with intended victims by holding extended conversations
- Threat actors expand abuse of effective tactics such as using trusted companies' services
- Threat actors leverage orthogonal technologies, such as the telephone, in their attack chain
- Threat actors know of and make use of existing conversation threads between colleagues
- Threat actors regularly leverage topical, timely, and socially relevant themes
"Despite defenders' best efforts, cybercriminals continue to defraud, extort, and ransom companies for billions of dollars annually," says Sherrod DeGrippo, vice president of threat research and detection at Proofpoint.
"The struggle with threat actors evolves constantly, as they change tactics to earn clicks from end users," DeGrippo says.
"Security-focused decision makers have prioritised bolstering defenses around physical and cloud-based infrastructure which has led to human beings becoming the most relied upon entry point for compromise.
"As a result, a wide array of content and techniques continue to be developed to exploit human behaviours and interests," DeGrippo says.
"In this new report, Proofpoint researchers analyse frequently used social engineering techniques and look to debunk faulty assumptions made by organisations and security teams, which should be taken into account to better protect their employees against cybercrime.