Credential harvesting is the process of virtually attacking an organization to illegally obtain employees' login information such as usernames, email addresses and, passwords. Cybercriminals then sell sensitive information on the dark web or use it to impersonate the user in further attacks.
A common type of credential harvesting is the use of phishing emails. These emails contain an attachment and/or a URL that, when clicked it will upload data-stealing programs onto the computer. While phishing emails are the most common attacks, malware viruses, cloned website links can also perform password harvesting—using unsecured third party vendors and ransomware.
An example of phishing email, the (1) email header, (2) subject line, (3)body, (4) hyperlink masked as an Order number, and (5) requirement of confidential data (e.g. username and password).
An example of spear phishing email, the (1) email header, (2) subject line, (3)greeting to targeted person, (4) urgency to respond or click, and (5) a hyperlink to a website masked as legitimate, with requirements for users to enter confidential data.
Best practices to prevent credential harvesting:
1. Multi-Factor Authentication (MFA) is the best way to reduce cyber attacks against an organization. Brink’s uses MFA also known as 2-factor authentication, so ensure you are using it.
2. Use a VPN when connecting to untrusted Wi-Fi. VPNs will encrypt all your data sent over a network.
3. Use a strong password phrase for all accounts. Do not use the same password when using your Brinks email to register at an external website. Remember to never write passwords down on papers or store them in plain text documents and files.
Remember never to download attachments or click on links provided in unexpected emails. Always stay vigilant and immediately report suspicious emails using the Report Phishing Cofense button located in your Outlook toolbar.