
Risky Bulletin
Sponsored: Proofpoint on the rise of ClickFix attacks
Dec 8, 2024
Selena Larson, a Senior Threat Intelligence Analyst at Proofpoint, dives into the unsettling world of cybersecurity threats. She reveals how attacker-in-the-middle phishing techniques are evolving to outsmart two-factor authentication. The discussion also uncovers the rising 'click fix' attacks, where cybercriminals masquerade as tech support to install malware on unsuspecting users' devices. With insights on credential theft and defensive strategies, Larson emphasizes the need for heightened awareness and smarter security practices.
13:16
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Attacker-in-the-Middle phishing is increasingly prevalent, employing advanced techniques to effectively bypass multi-factor authentication and steal sensitive information.
- The evolution of social engineering, particularly the ClickFix tactic, emphasizes the importance of user awareness and proactive security measures against malware threats.
Deep dives
Prevalence of Attacker-In Phishing
Attacker-in phishing is becoming increasingly common, particularly through techniques like reverse proxies and relays, which allow threat actors to steal usernames, passwords, and multi-factor authentication (MFA) tokens. Kits such as Mamba and Tycoon exemplify these phishing methods, with services like Evil Proxy and Evil Jinx facilitating the attacks by rewriting sites in real-time. The sheer volume of these phishing campaigns is significant, often targeting O365 and Gmail credentials with thousands of phishing messages sent out. As MFA is widely used, attackers have adapted by utilizing these advanced techniques to bypass defenses, reinforcing the necessity for organizations to enhance their security measures.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.