It has grown increasingly common to wake up in the morning and read about yet another huge data breach that has struck a massive organization with an important online presence. One of the latest has happened to eBay, the online auction house giant that is one of the most widely used services in the history of the internet.
A phishing attack would attempt to trick eBay employees into giving up important security credentials that attackers could then use to infiltrate the site. An attacker might go to LinkedIn, for example, and look for employees of eBay. Using LinkedIn, they could then get important names and correlate that data with social media posts, accounts, and other sites. The employee in question would then be sent an email with an embedded link to click on. When the link was clicked, malware would be installed on the computer and the attacker would gain control of the machine in question.
Social engineering is a slightly different concept. An attacker would initially use email to make contact with the eBay employee and would then follow up with a phone call. The victim would already have a false sense of security because they would be waiting for the call. The call would then be used to persuade the employee to click on the link, which would install the same type of malware.
eBay has been understandably slow to verify any of these details, if it even knows the details itself at this point. Because there were over 100 employees involved in the breach, however, it looks like one of these two methods was used to carry out the infiltration.
Phishing attacks and social engineering attacks are surprisingly common in both the United States and Europe. When these types of attacks are carried out, a two-pronged approach is much more effective as it essentially tricks the victim into thinking that they are speaking with someone legitimate.
One of the most interesting bits of information to come out of the eBay breach is that the attacker had complete access to its network for 229 days. That may seem like a long time, but in reality it's quite short with regard to data breaches. With a data breach, the attacker needs to be careful to avoid getting detected for as long as possible.