Attackers have figured out that x-rated phishing attacks are very successful. The number of attacks is up by almost a factor of 10.
In part, it is designed to shock people.
If you open an email or visit a web site and, when you do, some x-rated content appears, most people freak out. THAT IS EXACTLY WHAT THE HACKERS WANT YOU TO DO.
Why? Because freaked-out people make mistakes and mistakes tend to help the hackers. There you are, you visited what you thought was a benign web page from a search engine and up pops something totally not suitable for work. What do you do? The first thing most people will do is start clicking on stuff to make it go away. Some people will freeze in panic.
THE WHOLE GOAL IS TO GET YOU TO MAKE IRRATIONAL DECISIONS.
Typically these attacks do all of the normal things that hackers do:
- Download malware
- Attempt to get you to enter credit card data
- Track users to follow up with more attacks
I would add one to that list and that is to try and get you to enter credentials.
The hackers will also be able to collect any data that a normal web site can. FOR EXAMPLE, IF YOU ALLOW YOUR BROWSER TO SAVE INFORMATION LIKE EMAIL ADDRESSES, PHYSICAL ADDRESSES OR WORSE YET, PASSWORDS, THE HACKER WILL BE ABLE TO GET ALL OF THAT INFORMATION.
Sorry, but SECURITY **OR** CONVENIENCE, pick just one.
Agari Cyber Intelligence did a test. They put 8,000 fake accounts (ones with no data but which they owned and which worked) on a phishing site just to see what would happen.
25% of the credentials were tested using automation instantly.
For this test (which may or may not represent the greater Internet), just three families of attacks represented 85% of the attempts. This could mean shared attacks, attacks as a service, that there are just a few attackers or that the sample is not representative.
92% of the accounts were manually breached. 20% were breached in just one hour. 91% were attacked within a week.
While many accounts were only accessed once (which could be due to the attackers not finding anything interesting), many were under persistent attack.
The attackers did things like create forwarding rules, move to other applications, attempt to use the accounts to launch other phishing attacks and even use that infrastructure to run other BEC attacks.
Credit: Threatpost and KnowBe4