“From using QR codes in emails to sharing links via Microsoft Teams, threat actors are evolving their methodology to manipulate humans to click on the bait. This is not phishing through email; it's phishing through an instant messaging platform.” – Laurie Iacono

Kroll saw social engineering tactics increase dramatically in the third quarter, with significant increases in phishing (8%), valid accounts (9%) and voice phishing (“vishing”), as well as other tactics (3%). This rise in social engineering activity aligns with multiple open-source reports warning about these types of attacks via Microsoft Teams and the rise of activity by the group KTA243 (SCATTERED SPIDER), which uses phone- and SMS-based social engineering tactics to lure users into exposing their credentials. See how this was accomplished via the Kroll intrusion lifecycle: https://www.kroll.com/en/insights/publications/cyber/kroll-intrusion-lifecycle

Read our Q3 2023 Threat Landscape Report: https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports/q3-2023-threat-landscape-report-social-engineering

Read all our Cyber Threat Intelligence Reports: https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports

Get the latest from the Kroll Cyber Risk blog: https://www.kroll.com/en/insights/publications/cyber

Demo Kroll Responder, our MDR solution: https://www.kroll.com/en/services/cyber-risk/managed-security/kroll-responder

Read the latest Cyber case studies: https://www.kroll.com/en/insights/publications/cyber/case-studies

#Q32023ThreatLandsdcape #socialengineering #KrollResponder #KrollMDR