Story image

Spoofs, forgeries, and impersonations plague inboxes

18 Feb 2019

It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.

According to security firm INKY, Q4 2018 was a busy period for phishing scammers as online shopping, shipping notifications, returns and virtual holiday greetings bombarded inboxes.

However, not all of those emails were legitimate. INKY analysed the phishing attacks with the highest volume and found that scam emails are more targeted than ever.

“Phishing attacks remain one of the largest threat vectors as cybercriminals have increasing access to sophisticated toolkits through the Dark Web and the human element remains the most porous aspect of cybersecurity,” comments INKY CEO Dave Baggett. 

“Even the most informed and vigilant members of an organisation that take extra measures to practice proper cybersecurity posture can fall prey to phishing attacks that are becoming indistinguishable from legitimate channels of communication.”  

More than half of all phishing emails bypass traditional anti-spam filters. This suggests that older generation phishing filters just can’t identify personalised attacks.

Corporate VIP impersonation takes the lion’s share of attacks

The report found that 11.4% of all phishing attacks impersonated VIPs or senior executives. 

"This type of attack is usually fairly involved and often delivered in real-time. A typical scheme can involve a scenario where the CEO (or perhaps someone from finance) is in a meeting, or is in a limited cellphone reception area where a confirmation call is not possible. The victim then becomes engaged with a request for help which eventually leads to handing over sensitive data without verification to the scammer on the other end".

Sender forgery – you think you know the sender, but you probably don't

The report found that 10.3% of attacks were sender forgery, and may be the most dangerous form of phishing email because it presents itself as being from a known contact.

“This type of attack perseveres as contacts maintain personal and professional emails. Often contacts cycle through Gmail, Yahoo and other popular mail providers, making it difficult to discern a legitimate message from a phishing attack.”

Corporate email spoofing

The report found that 5.9% of phishing attacks used corporate email spoofing, which blends the elements of VIP impression with sender forgery. 

"This type of attack is sophisticated in that it deliberately targets a specific corporate entity. It often occurs after a major announcement. The nature of the announcement has no bearing on the frequency of attacks. 

Both positive and negative news can be leveraged to provide cover for the phishing attacker’s true intentions. In the past (and for those remaining unprotected) corporate spoofing has resulted in the loss of corporate intellectual property, private information, financials and even protected healthcare information".

Slack users urged to update to prevent security vulnerability
Businesses that use popular messaging platform Slack are being urged to update their Slack for Windows to version 3.4.0 immediately.
Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Deakin Uni scores double win with Exabeam partnership
Australia’s Deakin University is partnering with SIEM security company Exabeam in an effort to boost the university’s cybersecurity degree program and strengthen its SIEM capabilities.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Voter vulnerabilities: Cybersecurity risks impact national elections
The outcome of elections have an enormous impact on the political and cultural landscape of any democratic society. 
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."