FEATURE
update in the context of Coronavirus . The other subject had a more typical payment transfer theme . Both sets of messages had attached files with the same filename that delivered the malicious code .
Rising threat # 2 – Lookalike domains
Another threat that could be on the rise is Lookalike domains . Cybercriminals are moving to lookalike domains to fool victims in their efforts to impersonate the target organisation or brand .
Often , phishing websites feature domains that impersonate the real brand . These are crafted by cybercriminals to resemble the legitimate brand ’ s domain . Character substitution is a popular technique employed by cybercriminals with the goal of manipulating users into exposing credit cards , passwords and other sensitive data .
Researchers also found that cybercriminals are using valid Transport Layer Security ( TLS ) certificates which is an attempt to make the lookalike domains appear legitimate . In late 2019 , researchers note that there were more than 100,000 lookalike domains impersonating legitimate retailers . Industries that can be heavily impacted by these types of attacks are retail and banking , where users typically enter their credentials to execute a transaction .
Rising threat # 3 – Data exfiltration
Your work-from-home users are still accessing , interacting with and storing corporate data on their devices as part of their day-to-day business operations . But they are now doing it outside the corporate perimeter .
That data , even if stored on companyprovided devices , could be exposed to
Virtual Private Networks ( VPNs ) have been touted by some as a solution to the challenge of securing employee ’ s access to the corporate network .
theft . DNS tunnelling or data exfiltration is an attacker technique that uses malware to gather sensitive data from a compromised system . It packages up the data into small chunks and embeds them within a string of DNS queries . The DNS queries carrying the data are
38 www . intelligentciso . com