The most popular phishing keywords

Everyone should be suspicious and wary of seemingly harmless emails in their mailboxes.


"The attackers are trying to trick people into giving them their credentials. The best way to do this is to make your email look formal and completely legitimate, to invite a clear action and to saturate it with emotions - urgency or fear of losing something ", explains Ben Brigida, Director of Operations at Expel .

The steps are quite simple - something like "go to this site" or "open this file". But the attacker wants to make you act quickly so that you don't have time to stop and ask yourself if something is rotten, "the expert added. Urgency is a major factor in fraudulent letters, experts warn. Messages are designed to create a "sense of urgency" and provoke immediate action.


Invoice

Outstanding debt is a leading motive in phishing attacks. The main keyword of the analyzed tens of thousands of phishing emails is "invoice" in any combination. "Missing invoice", "Invoice number ####", "Re: invoice" and other variations suggest the need for increased attention.

The letters use "common business terminology", often seem quite reasonable, do not easily stand out as suspicious.


Important message

Another frequently exploited motive is new messages. Examples of phishing of this type include models such as "You have a new message from *****", "New fax to ####" and the like. Scanning faxes are often toyed with. Seeming to be quite ordinary and legal, such emails often use the term "new" to "increase the interest of the recipient." The psychological motives are clear - "people are easily attracted to new things in their inbox, wanting to make sure they don't miss something important."


Expiring passwords and codes

Other headers and messages that provoke further action speak of some kind of expired data - things like a password that needs to be changed, a code that needs to be renewed, and more.

"Keywords that encourage action or provoke a sense of urgency are popular with attackers because they encourage people to click without spending as much time thinking," they said. Phrases such as "required", "urgent", "urgent", "immediately", etc. are used.


Social engineering

Organizations face an average of more than 700 social engineering-based cyberattacks each year. Many successful attacks are based on compromised business emails (BEC), according to a July report by Barracuda Networks. Of all the social engineering attacks analyzed by the company's researchers, phishing accounted for 49%.


Source and author: technews.bg

Link: https://technews.bg/article-136753.html



Ask here