{"id":105703,"date":"2025-03-05T12:11:09","date_gmt":"2025-03-05T04:11:09","guid":{"rendered":"https:\/\/version-2.com\/?p=105703"},"modified":"2025-03-13T12:14:20","modified_gmt":"2025-03-13T04:14:20","slug":"dangerous-liaisons-in-cybersecurity-attackers-improve-their-phishing-methods","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2025\/03\/dangerous-liaisons-in-cybersecurity-attackers-improve-their-phishing-methods\/","title":{"rendered":"Dangerous liaisons in cybersecurity: Attackers improve their phishing methods"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\u00a0<\/div>

The latest ESET APT Activity Report shows improved phishing techniques that threat actors currently utilize, highlighting the need for high-quality cybersecurity awareness training. <\/span><\/em><\/p>

A general recommendation about phishing attacks is not to click on anything that looks suspicious. That\u2019s easy to follow when employees receive an email full of grammatical errors and typos from an unknown source.<\/p>

However, adversaries have been improving their tactics and experimenting with new ways to make their potential victims fall for phishing \u2014 tactics that may not be so easy to spot. And it\u2019s not only about using AI to create grammatically correct or more convincing emails. Recently, ESET researchers noticed a new trend among North Korea-aligned groups<\/a> trying to build relationships with their targets before sending them malicious content.<\/p>

Statistically speaking, since human error is involved in most data breaches<\/a>, it is logical that threat actors don\u2019t hesitate to leverage this major attack vector. To address this, ESET created ESET Cybersecurity Awareness Training<\/a>, a story-driven course available in English, French, Spanish, and Chinese languages informing employees about current cyber threats and helping businesses with compliance and insurance issues.<\/p><\/div>

A costly mistake<\/h3><\/header>

Verizon\u2019s 2024 Data Breach Investigations Report <\/a>shows that 68% of breaches involved a non-malicious human element, like a person falling victim to a social engineering attack or making an error.<\/p>

Most of those attacks started with phishing <\/a>(tricking a user into giving sensitive information or downloading malicious content) and pretexting <\/a>(use of a fabricated story, or pretext, to gain a victim’s trust) via email, accounting for 73% of breaches.<\/p>

In 2024, the number of detected breaches involving pretexting surpassed the number of breaches involving traditional phishing attacks, according to Verizon\u2019s data. This could be one indicator that threat actors feel the need to use more sophisticated techniques against their targets, according to the report.<\/p>

Breaches involving a human element are not only prevalent but also costly, according to IBM\u2019s Cost of a Data Breach Report 2024<\/a> conducted by Ponemon Institute. Ponemon\u2019s researchers looked at 604 organizations in 16 countries and regions, finding that an average business loss due to phishing has now reached USD4.88 million per breach. This makes phishing attacks the second costliest type of attack, right after impacts from malicious insiders, which account for an average of USD4.99 million.<\/p><\/div>

I have a proposal for you<\/h3><\/header>

Recent ESET findings<\/a> confirm this trend of threat actors utilizing improved social engineering techniques.<\/p>

In Q2 2024\u2013Q3 2024, ESET researchers saw the North Korea-aligned activity cluster Deceptive Development and North Korea-aligned group Kimsuky enhancing their phishing attacks with pretexting methods. For example, both tried to use fake job offers to approach the targeted individuals, and only after the victim responded and a relationship was established did threat actors send a malicious package to the victim.<\/p>

Another group, Lazarus, distributed fake job offers for desirable positions at large companies like Airbus or BAE Systems and delivered trojanized PDF viewers along with decoy PDF documents. This group also impersonated recruiters on professional networks and work platforms, distributing trojanized codebases under the guise of job assignments and hiring challenges with the aim of cryptocurrency theft.<\/p>

Kimsuky targeted North Korea experts working for NGOs and researchers in academic circles with fake requests to grant a media interview or give a presentation. They tried to establish a relationship with a good old apple-polishing \u2015 sending amiable emails that praised the target\u2019s expertise and asked for help. Once the attackers gained the trust of their victim, Kimsuky delivered a malicious package, usually disguised as a list of questions that should be answered before the event.<\/p>

The BlackBasta ransomware gang also adopted this relationship-oriented method when targeting businesses, according to the recent discovery <\/a>of the ReliaQuest threat research team.<\/p>

First, they send mass email spam targeting employees, provoking them to create a legitimate help-desk ticket to resolve the issue. Then, attackers posing as IT support or help desk staff contact employees via Microsoft Teams chat and send them a malicious QR code, likely for downloading a remote monitoring and management (RMM) tool that BlackBasta can exploit.<\/p><\/div>

How to avoid a toxic relationship<\/h3><\/header>

Seeing the above-mentioned cases, it is clear that employees are a critical component of any business\u2019s security that needs to be taken care of. In general, cybersecurity awareness training not only helps businesses to deflect user-oriented cyberattacks and fulfill compliance\/insurance requirements but also decreases losses in case of a successful breach by around 5.2%<\/a>.<\/p>

ESET acknowledges this threat vector with the global launch of ESET Cybersecurity Awareness Training<\/a>, which complements ESET PROTECT<\/a>, a multilayered AI-powered solution for businesses.<\/p>

Both employee training and multilayered security are integral parts of what ESET calls a prevention-first approach designed to completely evade cyber threats or mitigate them with no or only minimal disruptions in the business flow. It is a complex strategy of shrinking the attack surface while effectively reducing the complexity of cyber defense.<\/p>

ESET Cybersecurity Awareness Training<\/a> aims for both of these goals. First, it helps employees to recognize standard and novel cybersecurity threats abusing human factors. Second, it is easy to deploy and operate thanks to deep integration possibilities with various systems, a customizable training portal, and an easy-to-use dashboard. Thus, businesses don\u2019t need to spend more precious IT staff time on it than necessary.<\/p><\/div>

Let\u2019s make it interesting!<\/h3><\/header>

ESET Cybersecurity Awareness Training <\/a>offers an engaging and story-driven experience that helps employees understand which common bad user habits of can endanger the whole company. It also explains how threat actors think \u2014 for example, how they search potential victims\u2019 social network profiles to guess their passwords or impersonate them.<\/p>

The training is based on three decades of ESET expertise in this area and is designed to change employee behavior, rather than merely to check a box for compliance or cyber insurance.<\/p>

To keep employees vigilant in the long term, ESET Cybersecurity Awareness Training comes with phishing test simulations that businesses can run an unlimited number of times.<\/p>

Benefits of Premium Cybersecurity Awareness Training <\/strong><\/p>