Phishing vector vulnerability found
OWASP 2013-A10 OWASP 2017-A6 OWASP 2021-A5 CAPEC-98 CWE-601 WASC-13
Phishing is the most common and widely used social engineering attack for stealing sensitive information such as login credentials and other user data. The attacker sends malicious content to victims while impersonating a site they use. For example, the attacker poses as the victim's bank and sends a malicious link; if the victim opens it, the attacker can extract sensitive information such as usernames, passwords and financial data. If the victim belongs to an organisation, company or government agency, a successful attack can give the attacker complete access to that organisation. Properly executed, phishing can be the most devastating attack on an organisation.
Phishing can be carried out in three ways:
- E-mail phishing: The attacker sends the malicious link to the victim by e-mail. According to Symantec's latest report, roughly one in every 2000 e-mails may be a phishing mail. To protect against e-mail phishing, users must analyse a link before clicking it. A malicious link is easily identifiable.
- Cloud storage phishing: This attack targets users of cloud storage providers such as Google, Dropbox and Amazon. The attacker uploads a malicious file to the service and asks the end user to view it through the cloud. If the user opens the file through the cloud, the attacker obtains the user's credentials. End users can protect themselves by not opening files from unknown sources through the cloud.
- Mobile phishing: This attack targets users who access sites from mobile phones. The attacker sends the malicious link via SMS. Users can protect themselves by analysing links before opening them.

A server is vulnerable to phishing attacks if it lacks anti-malware, web filters, Data Loss Prevention (DLP), anti-phishing software and spam filters. This misconfiguration enables phishing attacks and can result in the theft of user data, including login credentials and credit card numbers.
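The "analyse the link before opening it" advice above can be turned into a repeatable check. The following is an added example, not part of the original finding or of Beagle's own tooling: it inspects a link (and optionally the text it was displayed with) for the indicators a defender looks for, including a trusted name hidden in userinfo or in a lookalike host, a raw IP host, a punycode/IDN host, link text that disagrees with the target, and a query parameter that itself carries a URL, which is the open-redirect pattern behind the CWE-601 reference in the header. The trusted domain `example-bank.com` and all sample links are constructed for this example.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlparse

# Constructed for this example: the registrable domains the organisation owns.
TRUSTED_DOMAINS = {"example-bank.com"}


def registrable_domain(host: str) -> str:
    """Crude last-two-labels approximation of the registrable domain (no PSL lookup)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def inspect_link(href: str, anchor_text: str = "") -> list[str]:
    """Return the phishing indicators found in a link; an empty list means none were found."""
    findings: list[str] = []
    parsed = urlparse(href)
    host = (parsed.hostname or "").lower()

    if parsed.scheme not in ("http", "https"):
        findings.append(f"unexpected scheme {parsed.scheme!r}")

    # "https://trusted.example@evil.net/" shows a trusted name but the host is evil.net.
    if parsed.username is not None:
        findings.append("userinfo before host (trusted-name@attacker-host trick)")

    try:
        ipaddress.ip_address(host)
        findings.append("host is a raw IP address")
    except ValueError:
        pass

    # Punycode labels or non-ASCII characters may hide a homoglyph of a trusted name.
    if host.startswith("xn--") or ".xn--" in host or any(ord(c) > 127 for c in host):
        findings.append("internationalised/punycode host (possible homoglyph)")

    # A trusted name embedded in a host the organisation does not own,
    # e.g. example-bank.com.login-verify.net or secure-example-bank.com.
    for domain in TRUSTED_DOMAINS:
        legitimate = host == domain or host.endswith("." + domain)
        lookalike = domain in host or domain.replace(".", "-") in host
        if host and lookalike and not legitimate:
            findings.append(f"trusted name {domain!r} embedded in untrusted host {host!r}")

    # A parameter whose value is itself a URL: the open-redirect pattern (CWE-601).
    for key, values in parse_qs(parsed.query).items():
        for value in values:
            if re.match(r"https?://", value, re.I):
                findings.append(f"parameter {key!r} carries a URL, possible redirect to {value!r}")

    # Visible link text naming one domain while the href points at another.
    shown = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", anchor_text.lower())
    if shown and host and registrable_domain(shown.group(1)) != registrable_domain(host):
        findings.append(f"link text shows {shown.group(1)!r} but target host is {host!r}")

    return findings


if __name__ == "__main__":
    samples = [
        ("https://www.example-bank.com/login", "https://www.example-bank.com/login"),
        ("https://example-bank.com@evil.net/login", "Verify your account"),
        ("https://example-bank.com.login-verify.net/", "www.example-bank.com"),
        ("https://www.example-bank.com/redirect?url=https://evil.net/collect", ""),
    ]
    for href, text in samples:
        print(href, "->", inspect_link(href, text) or "no indicators")
```

The check is deliberately heuristic: it flags links for a human or a mail/web filter to look at more closely, and a clean result does not prove a link is safe. The redirect-parameter rule is the one a server owner acts on directly, by only honouring redirect targets on an allowlist of its own hosts.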
Impact
The impact includes:
- Exposure of confidential information.
- Possible theft of secret documents or intellectual property.
- Loss of trust and reputation among users.
Mitigation / Precaution
Beagle recommends using the following tools:
- Web filters
- Data Loss Prevention (DLP)
- Anti-phishing software
- Spam filters
- Up-to-date patches