If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    94
    arrow-down
    1
    ·
    5 months ago

    There are very few one click total compromises out there.

    Most of the time clicking on the link will get to a phishing page to harvest credentials or prompt to download a zip or pdf which has the actual malware exploit/payload.

    • cron@feddit.orgOP
      link
      fedilink
      arrow-up
      38
      arrow-down
      1
      ·
      5 months ago

      True, in many cases there is a whole chain of vulnerabilities and misconfigurations, and everything starts with one phishing mail. For example:

      • successful phishing
      • VPN without 2FA, allowing the attacker access to company services
      • internal services with vulnerabilities, allowing the attacker to compromise a server
      • permission misconfiguration, allowing lateral movement

      That was the point of this meme. It is not phishing alone that gets the company in trouble, its mostly a series of misconfigurations.

      I think that in cyber security, we have to assume that phishing will be successful sometimes - and be prepared when it happens.

    • Buelldozer@lemmy.today
      link
      fedilink
      arrow-up
      4
      ·
      5 months ago

      Yep and then whatever is trying to execute should be limited by user permissions, app whitelists, EDR / MDR, and a pile of other defenses.