The expanding online devices on a network are an alarming threat to the cybersecurity front of many organizations. As the universe of potential cyber-attack vectors dilates, organizations ought to build mechanisms to guard against the innovative social engineering attacks. Social engineering attacks are one of the most prevalent, severe and dangerous types of cybercrime faced by the organizations worldwide. Phishing is one of the cybercriminals’ favorite tactics which involves a fraudulent message, usually via email, pretending to be a trusted person or an entity in hopes of tricking an unsuspecting victim into revealing sensitive information. In 2021, 83% of organizations reported experiencing phishing attacks whereas, in 2022, an additional six billion attacks are expected to occur.
An incident of a novel phishing campaign was reported by bleeping computer stating that the Greeks are being targeted with phishing sites that impersonate the state’s official tax refund platform and steal credentials of the users who type them. The campaign uses a keylogger which intends to trick the victims into entering their banking credentials and steal the data relating to various online payment systems. The keylogging program silently copies the keystrokes of computer users and allegedly allows real-time illegal access to the cybercriminals. The keylogger infects the system by staying hidden inside other software and directly sends everything the users’ type on these sites, including the unsaved credentials, to the malicious actors. The hackers sent phishing emails to the victims mimicking the Greek government tax portal by imitating their URLs and claiming the need for validation of beneficiary’s bank account details to refund tax. The fake portal contrived by the threat actors deceives the users into entering their banking credentials by displaying several major Greek banks and redirects them to their selected fake login page, on their own phishing domain, having the same theme as the original website.
The Use of real-time keylogging as accentuated in the phishing campaign targeting Greeks is taking place atop a deeply fragmented and underdeveloped system of cybersecurity resulting in exploitation of organizations and starting a new trend of cyberthreats in the field of Phishing. Using keyloggers to gather behavioral information for the purposes of market research is just as much an invasion of privacy as the hacker’s use of this technology to steal passwords. Users should remain vigilant while receiving unsought emails containing malicious links and offering fake benefits. Proactive protection should be employed to protect the system against theft and modifications of banking credentials. A system should be put in place to generate one-time passwords to protect against keylogging software and hardware.