At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Harvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a Month

    Credential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.

    I’ve attempted to cover every Microsoft 365 credential harvesting attack since the platform is so popular and is an easy target for cybercriminals. But the news coming from their newly-released Microsoft Digital Defense Report 2023 puts this type of attack into perspective.

    Not only should the 10,000 credentials per month data point make you realize that these types of attacks are prevalent, but there is a black market buying at an equally-blistering pace.

    In the report, Microsoft points out five specific examples of credential-harvesting attacks:

    • Emails sent from a trusted third party – compromise one account and then send a malicious email to everyone in their contact list intent on stealing each recipient’s credentials.
    • Using legitimate URLs – I’ve covered plenty of stories where threat actors used legitimate web platforms to host landing pages (that usually redirect to malicious sites) in order to bypass security scanners.
    • Using OneNote attachments – The use of this file type in attacks is in response to Microsoft disabling macros and attackers needing a relatively commodity filetype supported by the largest number of potential victims possible.
    • OAuth – the attacker exploits the device authorization grant process within M365 to trick a user into granting them access to their account using a phishing link.
    • Targeted Attacks – attackers do their diligence on a potential victim and create tailored attacks with appropriate look-alike domains.

    In all of these cases, the onus may end up solely on the recipient user, with security solutions potentially none-the-wiser. So your users need to be as up-to-date as possible on the latest attack methods through continual security awareness training.

    KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top