The latest wave of phishing attacks to hit the internet include file sharing site attacks on some of the biggest brands in the business. When it comes to IT security concerns in Boston, it pays to have a powerful ally that can provide you with innovative technology solutions designed to protect your business from cyber-related issues like form-based attacks and social engineering. A multi-faceted approach, which includes network security software, a comprehensive back-up and recovery solution, and education for employees to reduce risk, is the best way to prepare for an eventual attack. Companies looking to expand or increase Greater Boston network security can count on Synivate to help them achieve their goals.
Google Docs and Microsoft Sway
Increasing issues that utilize the exploitation of popular file sharing sites like Google Docs and Microsoft Sway, trap victims into giving over their login credentials. These form-based attacks essentially trick the user, sending a phishing email that contains a link to the legitimate website. It can be difficult for anti-phishing software to detect and prevent the user from clicking on the email link because it appears to be legitimate. However, this method has been quite successful for those behind it, as nearly 65 percent of the nearly 100,000 form-based attacks identified in the first few months of 2020 focused on Google file sharing and storage websites. Some of the websites from Google that were used include the popular docs.google.com, storage.cloud.google.com, and drive.google.com for the exploit. In addition, Microsoft file sharing site attacks, as well as other spoofed sites that include mailchimp.com and sendgrid.net, were also widely used during this time.
So if IT security concerns in Boston that involve creative phishing schemes are difficult to detect and prevent with even the most advanced security software, how can businesses protect themselves from form-based attacks in the future? Education is still the number one weapon against phishing attempts of any kind. It doesn’t matter how creative these individuals are and the ways that they try to persuade users to click on links or download attachments, if you and your team are aware of how these attacks work, they will be less likely to fall for their schemes. Using legitimate websites as part of the plot is nothing new, but the use of popular file sharing sites and mailer programs is on the rise. While it is not all COVID-19 related, as these attacks started way before work-at-home models were even considered, they have certainly picked up steam since more employees began working off of company computers outside the office.
How Form-Based Attacks Work
While the initial link to the company website might be legitimate, the linked access form where the user must enter credentials is spoofed. By all appearances, the web page looks exactly like what the victim would expect to see when they log-in to their file sharing or email generation website. The criminals use a form service like forms.office.com and then link that form to the emails. The form is used to harvest the credentials for the user’s account. Again, the page contains links to legitimate websites, making it also appear legitimate. However, the domains that are used for this purpose would not request their customers to verify account information or make password changes.
Another method that is sometimes used in these file sharing site attacks that have become IT security concerns in Boston is to send what is known as an access token for an APP within the initial phishing email. When the user enters their account credentials, they also receive a list of APP permissions that they must accept to proceed. When they accept the permissions, as they are likely to with a legitimate program that they use regularly, they provide access to all credentials to the attacker. While most users think that they are safe when they use two-factor authentication measures, attacks like these are designed to get around them. This helps the attacker to remain undetected for a long time. Big-name companies like Microsoft have disabled APPs that were used by attackers in this manner, but this method is still widely used with other brands.
Increase Greater Boston Network Security
The best way to arm your business against form-based attacks, file sharing site attacks, and other phishing attempts is to increase your defenses. Artificial intelligence programs, such as API-based inbox defense programs, work to better detect and block attacks to prevent account takeovers and spoofing tactics. Multi-factor authentication (MFA), two-factor authentication, and other two-step verification options will add extra layers of security beyond the basic username and password credentials to prevent a wide range of attacks from being successful. Innovative technology solutions can be established to prevent account takeover and monitor email accounts for suspicious activity.
Even the best Boston network security program is not one-hundred percent foolproof, as cybercriminals continue to work on new methods of attack that can be used against businesses and individuals on a daily basis. Work with our team at Synivate to also establish a comprehensive data back-up and recovery program designed to help you recover quickly from any type of attack and implement an employee education program to prevent phishing and social engineering attacks from being successful. The more your team can learn about email attacks as part of a greater security-awareness training program, the better your defenses will be – no matter how creative cyberattacks get in the future. Contact our team by calling 617-848-1248 to speak with one of our technicians about your concerns or to schedule a personal consultation to address your IT security concerns in Boston.