CYBERCRIME ADVISORY: US Agencies Release Popular Phishing Techniques Used by Hackers


The Cybercrime Investigation and Coordinating Center (CICC) is warning the public on  popular phishing techniques used  by hackers worldwide  – the phishing for credentials  and phishing for malware .

CICC Executive Director Alexander K. Ramos has issued  the  cybercrime advisory after US agencies  composed of the Cybersecurity and Infrastructure Security Agency (CISA) , National Security Agency (NSA), Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a 14-page report titled, “Phishing Guidance: Stopping the Attack Cycle at Phase One.”  A simplified version of the  guide,  U.S. Government Release Popular Phishing Technique by Hackers    was published on October 20,2023 by CICC  is republishing the article to  help  the public understand and protect themselves from phishing attacks.

What is Phishing?

Phishing is a cyberattack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.

Phishing is often the first stage of a larger attack that can lead to data breaches, ransomware infections, identity theft, and other serious consequences.

Phishing for Credentials

This is a phishing attack  where hackers pretend to be someone you trust and ask you to provide your login credentials, which they can then use to access your systems or resources.

How they do it

•             Sending emails that look like they come from your boss, co-worker, or IT staff.

•             Using text messages or chat platforms to trick you into giving your login credentials.

•             Using internet phone services to fake caller IDs makes you think they are calling from a legitimate number.

How to stop it

•             Train yourself and others on how to spot and report suspicious emails.

•             Use Domain-based Message Authentication, Reporting, and Conformance (DMARC) for emails.

•             Set DMARC to “reject” for outgoing emails.

•             Monitor internal email and messaging traffic.

•             Use strong multi-factor authentication (MFA)  for your credentials.

•             Check MFA lockout and alert settings.

•             Use single sign on (SSO)   for centralized logins.

Phishing with Malware

This is a phishing attack where hackers pose as a reliable source and make you interact with malicious links or email attachments, which can run malware on your devices.

How they do it

•             Sending links or attachments that make you download malware.

•             Using smartphone apps and text messages to deliver malicious content.

How to stop it

•             Use denylists at the email gateway and firewall rules to block malware delivery.

•             Do not give users administrative rights.

•             Apply the principle of least privilege (PoLP).

•             Use application allowlists.

•             Disable macros by default.

•             Use remote browser isolation solutions.

•             Use protective DNS resolvers.

Responding and Reporting Incidents

If you experience a phishing incident, you should take steps to reset compromised accounts, isolate affected devices, analyze and remove malware, and restore normal operations.

Reporting any phishing activity to relevant authorities is important in identifying and mitigating new threats.

Phishing attacks are a major threat, but with effective training, security measures, and incident response procedures in place, you can significantly reduce your risk of falling victim to these attacks.

CICC  is also encouraging  the public to  call its Inter-Agency Response Center  (IARC) 1326  and report phishing attacks.


Leave a Reply

Your email address will not be published. Required fields are marked *