Earlier this month, Forbes staff writer Thomas Fox-Brewster told the frightening tale of how Iranian hackers used a fake Facebook profile to target an unsuspecting techie at consulting powerhouse Deloitte.
The modus operandi: hackers created ‘Mia Ash’ from whole cloth, establishing multiple social media accounts for her, pilfering the photos of a real person in the process.
Posing as Ms. Ash, the malefactors gained the trust of the consultant, eventually convincing him to download an Excel file infected with malware.
To Deloitte’s credit, its cybersecurity protections prevented the malware from reaching its network – this time.
There is a bigger story here, however. This particular attack combines elements of more familiar types of attacks, but also breaks new ground – and suggests other, similar attack vectors that bad guys may also use.
Perhaps these new attack vectors are unfamiliar, but that doesn’t mean no one is using them to penetrate your organization’s defenses. It simply means you haven’t discovered them yet.
Read the entire article at https://www.forbes.com/sites/jasonbloomberg/2017/10/14/fear-these-three-types-of-phish-catphishing-enterprise-targets/.
Intellyx publishes the Agile Digital Transformation Roadmap poster, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers. Image credit: Kelly McCarthy.