In episode 122 of the Acceleration Economy Minute, Kieron Allen and guest Chris Hughes take a look at new research from Lookout that exposes novel phishing techniques and sheds light on the importance of endpoint security.
Highlights
00:21 — New research from Lookout unearthed novel phishing techniques targeting various cryptocurrency platforms and the Federal Communications Commission (FCC). They’re essentially tricking the users into logging into malicious and fake websites.
01:15 — They are mimicking the authentication workflows that you might be using for a single sign-on, like one from Okta. These are widely trusted identity providers that are used in large enterprise environments, so users feel comfortable. It has some advanced techniques like using CAPTCHAs. Everything seems normal.
01:56 — It’s capturing credentials and sensitive data (usernames, passwords, and authentication tokens). You get login credentials and information from users, which can be used to authenticate access into environments they may have access to and move laterally between other organizations, environments, and systems — maybe even systems with more sensitive data.
02:49 — You can even persist in those environments if the organization doesn’t understand or know that a current account has been compromised. It’s a pretty nefarious technique: social engineering combined with some technical competency to trick people.
03:22 — It’s a complex phishing kit, as Lookout described it, due to the fact that users are directed to provide secondary authentication and that they’re directing users to third-party web pages. It seems like a lengthy process. It’s an incredibly relevant and stark example of how effective phishing can be.
04:15 — Endpoint security is key here. Companies like Lookout can identify behaviors and techniques and notify users, “Hey, this seems to be nefarious.” They have identified these techniques in the wild, and they’re feeding it back into their platform. That way, they can integrate it into their offering and provide that heads-up.