This case study combines two attacks: a password attack and phishing. Password attacks are among the most common attacks in our society because of a lack of awareness about cyber security. Technology is growing rapidly, but a major part of our society still lacks the knowledge of how to use it securely. In this case study, the attacker first performs a password attack to gain access to an email account and then goes on to perform a phishing attack.
The incident happened at a well-known academic institution. It involved emails that other users received from a very senior, high-profile person. According to those users, the suspicious emails contained a malicious executable. Investigation of the emails found that the senior person had not sent any such emails, which could compromise the users' credentials. During the investigation, the "Last account activity" details were examined; these showed the particulars of the last ten logins to the person's Gmail account, such as location, IP address, method and time. From these particulars, the last login details were identified as suspicious. This was, in essence, a crime against individuals: it targeted the users in the person's address book in order to access their data, including personal details, banking information and login credentials. The motives were to steal users' credentials and to conduct further targeted social engineering attacks against the affected people. The attacker was from the organization itself and tried to steal the users' credentials by misusing another person's email address. The attacker had two goals: to defame the senior employee, against whom he held a personal grudge, and to misuse the users' credentials.
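The review of the last ten logins described above can be made systematic. The following Python code is an added example, not part of the original investigation: it flags logins that break an account's usual pattern of IP, location, method and time. The record layout, the sample values and both thresholds are assumptions.

```python
from collections import Counter
from datetime import datetime

# Constructed sample of an account's last ten logins: (time, IP, location, method).
# IPs are from documentation ranges; none of these values come from the incident.
USUAL = ("203.0.113.10", "Mumbai, IN", "Browser")
RECENT_LOGINS = [
    ("2019-01-07 09:12", *USUAL),
    ("2019-01-07 14:40", *USUAL),
    ("2019-01-08 10:05", *USUAL),
    ("2019-01-08 22:30", *USUAL),  # late, but usual IP and method
    # Same city as the owner (as an insider's login might be), so location
    # alone would not stand out; IP, method and hour do.
    ("2019-01-08 23:40", "203.0.113.77", "Mumbai, IN", "POP3"),
    ("2019-01-09 01:05", "203.0.113.77", "Mumbai, IN", "POP3"),
    ("2019-01-09 09:30", *USUAL),
    ("2019-01-09 16:20", *USUAL),
    ("2019-01-10 11:00", *USUAL),
    ("2019-01-10 15:45", *USUAL),
]


def flag_suspicious(logins, min_seen=3, min_reasons=2):
    """Return [(login, reasons)] for logins that break the account's usual pattern.

    A value is "rare" when it appears in fewer than min_seen of the records.
    Both thresholds are assumptions to tune per account.
    """
    # One frequency table each for the IP, location and method columns.
    counts = [Counter(rec[i] for rec in logins) for i in (1, 2, 3)]
    labels = ("rare IP", "rare location", "rare method")
    flagged = []
    for rec in logins:
        reasons = [label for label, table, value in zip(labels, counts, rec[1:])
                   if table[value] < min_seen]
        hour = datetime.strptime(rec[0], "%Y-%m-%d %H:%M").hour
        if hour < 7 or hour >= 22:  # assumed working-hours window
            reasons.append("off-hours")
        # Require several independent signals so one late login is not flagged.
        if len(reasons) >= min_reasons:
            flagged.append((rec, reasons))
    return flagged


if __name__ == "__main__":
    for rec, reasons in flag_suspicious(RECENT_LOGINS):
        print(rec, "->", ", ".join(reasons))
```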
The incident happened because of a common type of vulnerability: a weak password. Figure 1.1 shows the different stages of the attack in this case study.
The case study suggests that more awareness of end-user best practices needs to be spread, specifically the use of strong password protection and authentication, which any ordinary person can easily adopt at entry level.
This article was written by Ms. Sampada Margaj, Member, Digital Security Program, as part of the monthly assignment for May 2019. It was selected as the best article for the month. Sampada is Asst. Professor, Computer Science, at Kitti College, Dadar, Mumbai.