Story image

Spoofs, forgeries, and impersonations plague inboxes

18 Feb 2019

It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.

According to security firm INKY, Q4 2018 was a busy period for phishing scammers as online shopping, shipping notifications, returns and virtual holiday greetings bombarded inboxes.

However, not all of those emails were legitimate. INKY analysed the phishing attacks with the highest volume and found that scam emails are more targeted than ever.

“Phishing attacks remain one of the largest threat vectors as cybercriminals have increasing access to sophisticated toolkits through the Dark Web and the human element remains the most porous aspect of cybersecurity,” comments INKY CEO Dave Baggett. 

“Even the most informed and vigilant members of an organisation that take extra measures to practice proper cybersecurity posture can fall prey to phishing attacks that are becoming indistinguishable from legitimate channels of communication.”  

More than half of all phishing emails bypass traditional anti-spam filters. This suggests that older generation phishing filters just can’t identify personalised attacks.

Corporate VIP impersonation takes the lion’s share of attacks

The report found that 11.4% of all phishing attacks impersonated VIPs or senior executives. 

"This type of attack is usually fairly involved and often delivered in real-time. A typical scheme can involve a scenario where the CEO (or perhaps someone from finance) is in a meeting, or is in a limited cellphone reception area where a confirmation call is not possible. The victim then becomes engaged with a request for help which eventually leads to handing over sensitive data without verification to the scammer on the other end".

Sender forgery – you think you know the sender, but you probably don't

The report found that 10.3% of attacks were sender forgery, and may be the most dangerous form of phishing email because it presents itself as being from a known contact.

“This type of attack perseveres as contacts maintain personal and professional emails. Often contacts cycle through Gmail, Yahoo and other popular mail providers, making it difficult to discern a legitimate message from a phishing attack.”

Corporate email spoofing

The report found that 5.9% of phishing attacks used corporate email spoofing, which blends the elements of VIP impression with sender forgery. 

"This type of attack is sophisticated in that it deliberately targets a specific corporate entity. It often occurs after a major announcement. The nature of the announcement has no bearing on the frequency of attacks. 

Both positive and negative news can be leveraged to provide cover for the phishing attacker’s true intentions. In the past (and for those remaining unprotected) corporate spoofing has resulted in the loss of corporate intellectual property, private information, financials and even protected healthcare information".

Five things MSPs need to keep in mind in 2019
A Datto APAC channel exec outlines the most important factors for MSP to being paying attention to in the coming year.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nozomi and RIoT to deliver advanced ICS security solutions to Australia
''As a specialised integrator of robust and resilient ICT and IoT solutions within Australia, we are delighted to be partnering with Nozomi Networks."
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.