I was prompted to write this post by the unbelievable numbers and frequency of Evite.com compromises we have been seeing in our Dark Web searches. Evite.com had a 10,000,000+ email breach in February of 2019. Evite has said that only data from 2013 and earlier has been compromised. If you are using the same email address today as you were prior to 2013, received or sent out Evites, then this breach should concern you. Fast forward to the Spring of 2020, this list is currently for sale from various purveyors on the Dark Web. You can read more about the Dark Web in a previous post. https://www.linkedin.com/pulse/dark-deep-different-what-every-business-leader-need-rick-rudolph/

By now most people are aware of what a Phishing attack is and perhaps they have heard of Spear Phishing. We would like to further categorize a specific type of attack as Duck Phishing as it is a type of attack whose sophistication and execution target Small and Medium Size Organizations. The following are the different definitions we use in describing Phishing attacks.

Phishing Attack (Abstracted from Wikipedia) - The cyber-criminal has a large list of names and email addresses and no other information. Phishing attacks are incredibly easy to do, relatively low success rate, still profitable enough that it happens every day in the millions.

Duck Phishing – The cyber-criminal has a large list of names and email addresses (and perhaps other information) whose provenance (source) is known These lists are typically obtained through a specific data breach, and the contents of these breaches are for sale on the Dark Web. It is the quantity of additional information available in a data breach which converts a random target into a sitting Duck. The more data available in the breach, the more likely the Duck Phishing campaign will be successful.  Duck Phishing attacks require more investment and resources, lists need to be purchased and messages need to be tailored. Will have a much higher success rate, and is a quite lucrative crime model)

Both Phishing & Duck Phishing are some of the bread and butter of the Dark Web and they target individuals and Small to Medium size organizations. To protect oneself, it is critical to understand that in most cases, the motivation of the cyber-criminal is simply Money. These phishing attacks are merely the first step in stealing money from you. The cyber-criminals launch an attack on your machine the moment you open an infected document or click on a link. If they are successful in evading your endpoint protection, they create a foothold which gives them 24X7 access to your machine. Then they focus on spreading throughout your network. Once they have completed the infection stage, they begin the discovery phase. They evaluate the data, and come up with their plan. Are they going to encrypt your data and charge you a ransom, or are they going to steal sensitive data threatening to publish the information on the web destroying your reputation? Or are they going to do both (remember they are criminals).

Ignorance is not bliss! When the CyberSharks go phishing are you going to be a sitting duck with your email address exposed to the world or are you a cool looking dog with some designer shades confident that his data is safe? If your email address is on a breach list, do you know what to do about it. Has your staff been trained in detecting phishing emails? Have they been tested recently? Did your technology provider give you a heads up about the Evite.com breach?

If you need help answering these questions, or you are concerned that your data and IT infrastructure is at risk, I invite you to have a conversation.

Whether you are currently working with an existing MSP or not, I am happy to share insights on ways to keep your data safer. To make scheduling easier, here is a link to my calendar https://calendly.com/rick_rudolph/15min, please pick a time that works best for you.

[email protected] | 703.879.2070

Copyright © 1994-2020 Solve, Ltd – All rights reserved.