2016 Democratic National Committee Email Leak:During 2016 United State Presidential election, the Democratic National Convention’s email leak appeared which was supposedly done by Russian intelligen.
2016 Democratic National Committee Email Leak:
During 2016 United State Presidential election, the Democratic National Convention’s email leak appeared which was supposedly done by Russian intelligence agency hackers. The leaks, which were published by WikiLeaks and DCLeaks, more than 150,000 emails were stolen from personal Gmail account of twelve staffers of the Clinton campaign and accounts linked to the DNC. It was done by phishing email. The hacker made a spear phishing email which appeared to be an authentic email from Google, requesting user to change their password due to malicious activities on their account. Hacker created similar kind of google URL with the help of bit.ly. This was sufficient to tricked people into entering their google credentials, by which hackers had complete access to their targeted emails accounts. Once, they got the credentials, the hackers started downloading emails attachments and leak thousands of emails containing sensitive information to the Clinton campaign.
How the DNC could have been prevented from social engineering attack:
1) Can created different layers of security controls which works together to block different parts of the hacker’s attack chain.
2) Web Security controls which can help users keep away from bad sites, intrusion prevention services, email security.
3) Use of threat protection products which can help to identify even the most dangerous malware.
4) Proper training to users to recognize malicious emails and providing them with the strategies to avoid from social engineering victims.
Is it possible to protect completely our web services from social engineering attacks?