(May 31, 2023) Most cyberattacks require little more skill than the ability to dupe users into divulging their login credentials or other personal information. In fact, experts estimate that social engineering plays a role in up to 90 percent of all cyberattacks.
A new report from Proofpoint underscores that point. The company’s researchers found that 40 percent of organizations using Microsoft Teams were targeted with at least one social engineering attack attempting to obtain credentials and deliver malware. In one common attack, threat actors manipulate links posted in a Teams chat window to point to a malicious file or website. The threat actor is able to execute the attack because of a previous takeover of one of the organization’s Microsoft 365 accounts — likely through social engineering.
These types of attacks exploit the natural human tendency to be trusting and helpful and avoid conflict. Attackers leverage these traits to manipulate people into clicking on links and divulging sensitive information.
Types of Social Engineering Attacks
Phishing is the most common form of social engineering attack. Hackers send emails that appear to be from a trusted source, often with a spoofed “from” address. The victim is encouraged to take some action such as changing their Microsoft password, which sends them to a malicious web page that allows the attacker to capture the user’s credentials. Some phishing emails contain malicious attachments that install malware on the victim’s device. In business email compromise attacks, the threat actor impersonates a trusted individual to trick the victim into transferring money or divulging sensitive information.
The Microsoft Teams attack is a type of phishing that uses chat instead of email. After an attacker has compromised a Microsoft 365 account, they can leverage Teams chat to impersonate a trusted user. These attacks are often very successful since most users don’t consider Teams a phishing threat.
Security Awareness Training Is Critical
Preventing social engineering attacks starts with education. Organizations should provide users with regular cybersecurity awareness training that covers the various types of social engineering attacks and how to spot them. One simple method to spot a potential attack is “hovering” your mouse cursor over embedded email addresses and links before clicking to determine if they are legitimate. Users should also learn not to open attachments that are unexpected or don’t come from a trusted source. Organizations should test users before and after training with simulated phishing attacks.
Users should also be required to create complex passwords, and not to reuse passwords for multiple systems and services. Better yet, organizations should implement multifactor authentication (MFA). MFA minimizes the impact of poor password practices and helps to prevent unauthorized access to systems, applications, and services if an attacker successfully steals credentials.
Other Steps to Take
Even with regular training, users are still fallible. Organizations should implement content filters that can identify and block many suspicious emails before they ever reach users’ inboxes. Web content filtering solutions will send users to a “safe” page if they click on a malicious link.
Strictly controlled access privileges can also prevent attackers from moving laterally through the network after stealing user credentials. Organizations should use the principle of least privilege access to define policies that state which systems each user is allowed to access and procedures for approving access.
Mainstream can help you define a robust cybersecurity strategy and implement controls that can help prevent social engineering attacks. Contact us to schedule a confidential consultation.
ABOUT MAINSTREAM TECHNOLOGIES
Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting, custom software development, and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile