Social Engineering Series: Watering Hole

This is second post in our series on social engineering. You can also see the series on Facebook, LinkedIn, and Google.

A Watering Hole attack targets a specific organization where malware is installed on one or more websites that the users in the organization frequently visit. In turn, the malware is released back into the systems of the organization.


Characteristics of Water Hole Attacks:

*This is a fairly common method used by state-sponsored hackers and in cyber espionage. 
*These require prior research by the hacker on the victim’s web-use habits.
*Typical targets are employees of large companies, governments, and even non-profits and humanitarian groups. 
*Once a vulnerability is detected, JavaScript or HTML code is injected that redirects the target to a different site, which has the malware which will infect the target. 
*It is important to use two-factor authentication.
*Consider using a Virtual Machine.
*Be aware of the risks and keep virus protection up to date.


For your business computer support needs, call PAXIS Tech today at 865-588-9823.


Pin It on Pinterest

Share This