Skip to content
L2 Cyber Security Solutions
  • Home
  • Services
  • Prices
  • GDPR
  • Blog
  • Testimonials
  • About Us
  • Contact Us
L2 Cyber Security Solutions
  • Home
  • Services
  • Prices
  • GDPR
  • Blog
  • Testimonials
  • About Us
  • Contact Us

#WeekendWisdom 091 Phishing for Credentials

August 20, 2021 | Comments Off on #WeekendWisdom 091 Phishing for Credentials

Welcome to #WeekendWisdom number 91. This week we’re going to talk about phishing for credentials.

https://www.l2cybersecurity.com/wp-content/uploads/2021/08/WeekendWisdom-091-lo.mp4

This sounds familiar

I covered something pretty similar back in #WeekendWisdom number 42 where I covered Consent Phishing.

But credential phishing is where the criminals are going to try and get you to give up your login ID, usually your email address and your password. They can later on compromise your email account or perhaps log into your office systems to be able to execute a ransomware attack.

How do they carry out phishing for credentials?

The methods they use are varied, but a very sneaky one that they typically use is, they will send an email with an actual SharePoint link in there, or this could be a Google Drive link as well. People are very familiar with SharePoint links and Google drive links. They are usually fairly safe to click because these are things that people deal with on a day-to-day basis. They’re not some crazy dodgy site that you are being linked to. It’s something you’re familiar with.

Then when you click on the link, then it will say “Oh. You need to sign into your Microsoft account” or “… your Google account to be able to get into this document.” That’s where they catch you. They pop-up a login page and you give up your user ID and password in there. Now they have it.

How can you protect yourself from this?

So it’s really important that you implement something like multi-factor authentication to get an additional set of protections from these sorts of attacks.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.


How can L2 Cyber Security help you?

We offer a full range of training programmes, which can be delivered online or in-person*.

L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.

Contact us for more information at info@L2CyberSecurity.com.

*With appropriate social distancing and other health and safety measures adhered to.


Follow us on Social media:

Liam is available on Twitter, LinkedIn and Instagram.

Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.

© L2 Cyber Security Solutions

 

Posted in News and tagged #SecuritySimplified, #WeekendWisdom, Clare, Credential Phishing, Credentials, Cyber Security, Google Account Login, Google Drive, Google Drive Link, Limerick, Link, Microsoft Account Login, Phishing, Phishing for Credentials, SharePoint, SharePoint Link, Tipperary

The Ten Commandments

View our Ten Commandments of Cyber Security.

Recent Posts

  • ESB text message scam.
  • #WeekendWisdom 100 Something Completely Different
  • #WeekendWisdom 099 Using the security.txt file
  • #WeekendWisdom 098 Lessons from the Facebook Outage
  • #WeekendWisdom 097 Record Number of Zero Days

Search

Tags

#SecuritySimplified #WeekendWisdom Backups Best Practice Botnet Breach CEO Fraud Clare Commandments Covid-19 Covid19 CyberSecMonth Cyber Security Data Breach Data Privacy Data Protection Data Protection Commission DDOS Defence in Depth DPC Facebook Fake Fraud GDPR Internet of Things IoT Limerick LinkedIn Malware Microsoft Mobile Security Password Phishing Ransomware Scam Security Social Engineering Spear-Phishing Tipperary Training Two-Factor-Authentication USB Vulnerability Webinar Yahoo
© 2017-2023 L2 Cyber Security | Data Protection Notice
Scroll To Top