IT and Business Insights for SMB Solution Providers

How to disrupt attacks caused by social engineering ( copied from Microsoft Secure Blog)

 5: Stages of a phishing attack

  • Phase 1: Threat actor targets employee(s) via phishing campaign
  • Phase 2: An employee opens the attack email which allows the threat actor access to load the malicious payload or compromise the user identity
  • Phase 3: The workstation is compromised, threat actor persists malware, threat actor gathers credentials
  • Phase 4: Threat actors use stolen credentials to move laterally and gain unsolicited access and compromise key infrastructure elements
  • Phase 5: Threat actors exfiltrate PII and other sensitive business data

There is a great article on this topic here

    About the Author

    ChannelPro SMB Magazine
    SUBSCRIBE FREE!

    Get an edge on the competition

    With each issue packed full of powerful news, reviews, analysis and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.