Phishing techniques keep evolving, and the current wave tricks users into handing over their credentials. Researchers are warning users to watch for form-based phishing attacks, in which threat actors impersonate or abuse branded file-sharing, content-sharing, and productivity websites.
A quick run-through
Barracuda Networks, in its blog post, stated that between January and April these form-based phishing attacks impersonated Microsoft and Google services. In some variants, credential theft is not even required: the victim only needs to grant the attacker's application an access token, so no password ever changes hands.
Some statistics your way
- These attacks made up 4% of all spear-phishing attacks, roughly 100,000 cases in the first quarter of 2020.
- Google storage and file-sharing sites were used 65% of the time and Microsoft brands 13% of the time. Other abused services were sendgrid.net (10%), mailchimp.com (4%), and formcrafts.com (2%).
The pandemic has brought a surge of phishing attacks against enterprises, with attackers showing no regard for the ongoing crisis. Phishing is not a new threat, but given the increasing sophistication of the tactics and the current environment, these attacks are more likely than ever to succeed.
- Form-based phishing attacks are hard to spot because the links point to legitimate websites, so domain reputation and URL filtering offer little protection.
- Since the aim of these attacks is to steal credentials, the most likely outcome is an account takeover, Klevchuk stated.
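Because the link targets are legitimate hosts, a useful triage rule keys on what the link does rather than where it lives: a form hosted on a form builder, an OAuth consent prompt asking for broad mailbox or file scopes (the access-token variant mentioned above), or a mail-delivery click tracker that hides the real destination. The following is an added example written for this article, not Barracuda's code or part of its report. The host and path patterns, the sensitive-scope list, and the sample emails are this example's own assumptions and constructed data.

```python
"""Flag email links that point at hosted forms, OAuth consent endpoints with
sensitive scopes, or click-tracking redirectors.

Added example for this article, not Barracuda's code. All patterns below are
assumptions for illustration; the sample emails are constructed."""
import re
from urllib.parse import urlparse, parse_qs

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+")

# Hosted-form builders: the domain is legitimate, so the path marks the link
# as a hosted form (assumed path prefixes; '/' means any path on that host).
FORM_HOSTS = {
    "docs.google.com": ("/forms/",),
    "forms.gle": ("/",),
    "forms.office.com": ("/",),
    "formcrafts.com": ("/",),
}

# OAuth authorization endpoints where a user can grant an app a token.
CONSENT_ENDPOINTS = {
    ("login.microsoftonline.com", "/oauth2/v2.0/authorize"),
    ("accounts.google.com", "/o/oauth2/v2/auth"),
}

# Scopes that give a third-party app durable access to mail or files
# (example list, not exhaustive).
SENSITIVE_SCOPES = {
    "offline_access", "mail.read", "mail.readwrite", "files.readwrite.all",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://mail.google.com/",
}

# Click-tracking redirectors of mail-delivery services; the visible host
# says nothing about the final destination.
REDIRECT_HOSTS = ("sendgrid.net", "list-manage.com", "mailchimp.com")

# Constructed sample messages (not real phishing lures).
SAMPLE_EMAILS = {
    "docs_share": (
        "A document has been shared with you. Sign in to view:\n"
        "https://docs.google.com/forms/d/e/1FAIpQLSfakeid/viewform"
    ),
    "consent": (
        "Your mailbox is almost full. Review storage here:\n"
        "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?"
        "client_id=11111111-2222-3333-4444-555555555555&response_type=code"
        "&scope=offline_access%20Mail.Read%20Files.ReadWrite.All"
        "&redirect_uri=https%3A%2F%2Fattacker.example%2Fcb"
    ),
    "newsletter": "Read this week's notes: https://www.example.com/blog/week-12",
}


def extract_urls(text):
    """Return every http(s) URL found in the message body."""
    return URL_RE.findall(text)


def _host_matches(host, suffix):
    return host == suffix or host.endswith("." + suffix)


def classify_url(url):
    """Return (label, reason) for a suspicious URL, or None if no rule matches."""
    p = urlparse(url)
    host = (p.hostname or "").lower()
    path = p.path or "/"

    for form_host, prefixes in FORM_HOSTS.items():
        if _host_matches(host, form_host) and any(path.startswith(x) for x in prefixes):
            return ("hosted-form", f"form hosted on {host}")

    for ep_host, ep_path in CONSENT_ENDPOINTS:
        if host == ep_host and path.endswith(ep_path):
            # parse_qs decodes %20, so scopes arrive space-separated.
            scopes = {s.lower() for s in " ".join(parse_qs(p.query).get("scope", [])).split()}
            bad = sorted(scopes & SENSITIVE_SCOPES)
            if bad:
                return ("oauth-consent", "app requests " + ", ".join(bad))
            return ("oauth-consent", "consent prompt with no sensitive scopes")

    if any(_host_matches(host, r) for r in REDIRECT_HOSTS):
        return ("tracked-redirect", f"destination hidden behind {host}")
    return None


def scan_email(body):
    """Return a list of (url, label, reason) for every flagged link in the body."""
    findings = []
    for url in extract_urls(body):
        hit = classify_url(url)
        if hit:
            findings.append((url, hit[0], hit[1]))
    return findings


if __name__ == "__main__":
    for name, body in SAMPLE_EMAILS.items():
        print(name, scan_email(body) or "no findings")
```

Treat these labels as triage signals, not block decisions: the tracked-redirect rule fires on every legitimate newsletter sent through the same services, and the hosted-form rule needs a look at the form itself (or the sharer's identity) before it means anything. The consent rule is the one worth escalating on its own, since a legitimate internal workflow rarely asks a user to hand a new third-party app offline mailbox and file access from a link in an email.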
Phishing attacks are not going away; attackers will keep evolving their techniques, and form-based attacks are expected to persist. Organizations can still protect themselves and their customers by enforcing multi-factor authentication (MFA), improving user security awareness training, and deploying API-based inbox defense. One caveat: MFA does not stop the access-token variant, because the victim signs in legitimately and then authorizes the attacker's application, so reviewing and restricting which third-party apps users may consent to is needed as well.