9. Increased Social Engineering Will Force Firms To Rethink Their Social Media Policies
Social engineering and credential phishing attacks will in 2019 increase to a volume that surpasses malware attacks, according to staff at enterprise security company Proofpoint. These attacks will feature links to legitimate domains such as Microsoft OneDrive and Google Drive to improve the believability of the social engineering and make the attacks harder to detect with automated systems, Proofpoint said.
Social engineering attacks have become increasingly effective as threat actors are able to use previously-leaked internal information about the targeted organization to make their messages look more legitimate, according to Kaspersky Lab researchers. The main idea remains making the targets believe that the request for wired money has come from business partners or directors, Kaspersky said.
Cybercriminals consistently sweep the web for useful information that businesses and employees willingly put on social media profiles, job listings or employee bios to perfectly execute an email spoof of impersonation attack, said Eyal Benishti, founder and CEO of Ironscales. But Benishti said companies will at last have serious conversations about limiting the information shared online in order to reduce risk.
