GitLab tested its employees: every fifth fell for phishing

GitLab tested its employees with a phishing campaign

Recently, the GitLab platform conducted a security audit to find out whether its work-from-home employees are resistant to phishing attacks. As it turned out, every fifth GitLab employee fell for the phishing: 20% of employees agreed to enter their credentials on a fake login page.

The training attack, conducted by the GitLab Red Team, simulated a real phishing campaign whose purpose was to harvest GitLab employees' credentials. For this purpose, the information security specialists registered the gitlab.company domain name and configured it to send phishing emails using the open source GoPhish framework and Google's GSuite. The phishing emails were designed to imitate real notifications from the IT department, supposedly informing recipients that their laptops needed to be updated.

"The target users were asked to click on the link, supposedly in order to agree to the update, but in fact this link led to a fake GitLab.com login page located on the gitlab.company domain," GitLab says.

During the audit, 50 such emails were sent. As a result, 17 recipients (34%) clicked on the link in the message and landed on the phishing site. Of these, another 10 people (59% of those who visited the site, and 20% of the total tested group) went on to enter their credentials on the fake page. However, only 6 out of 50 recipients of the phishing messages (12%) reported the phishing attempt to GitLab security staff.


It is worth noting that, according to Verizon's report, 22% of all incidents involving data disclosure are related to phishing, and about 90% of incidents involve social interaction. The report also states that, on average, the click rate on phishing links should be much lower: 3.4%, against the 20% shown by GitLab employees.

Another information security company, Rapid7, wrote that the click rate on links in phishing emails ranges from 7 to 45%. Another 2018 report, compiled by KnowBe4, states that the average percentage of workers vulnerable to phishing attacks across various industries is 27%.

According to the Vade Secure report, during the pandemic the number of phishing attacks using Facebook increased by 358.8%, and the number using the WhatsApp messenger by 13467%.

GitLab's vice president of security, Jonathan Hunt, told The Register that he is generally happy with the results of the audit and is pleased to see that GitLab's results are better than the enterprise average.

"Initially, the [Red Team] suggested that more people would fall for this phishing bait, but this assumption turned out to be wrong. Some vendors claim that the average success rate of phishing attacks is about 30-40%, so it's nice to see that we are staying below this level."

Considering that the popularity of phishing shows no sign of waning, Hunt emphasizes that companies need to train their employees in information security, regardless of whether they work remotely or not:

"This means that companies, regardless of whether they work remotely or not, must train their employees so that they maintain the proper level of vigilance when dealing with e-mail. As organizations move more and more to remote work and, potentially, can more frequently use cloud services, user identity management and multi-factor authentication become critical factors."

Let me remind you that GitHub also recently warned employees and users about the increased danger of phishing attacks.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advice and tips on GridinSoft products. He is available 24 hours a day, 7 days a week to help you with any question related to Internet security.
