Skip to main content

One in five email attacks uses compromised accounts

Account takeover-based (ATO) attacks now comprise 20 percent of all advanced email attacks according to new research from the email security and protection company Agari.

The firm's recently published Q1 2018 Email Fraud & Identity Deception Trends report found that ATO attacks are rising in popularity among cybercriminals because they are more difficult to detect than traditional attacks and can bypass email filters since they are sent from a real sender's email account.

Senior Director of Threat Research at Agari, Crane Hassold provided further insight on the treat posed by ATO attacks, saying:

“Credential phishing was already a huge risk for organizations because of the potential for data breach, but now there is a new wave of account takeover attacks leveraging compromised accounts to commit additional fraud, which evade traditional email security controls. Business email compromise attacks are still very active, especially against C-suite targets.” 

Advanced email attacks

According to Agari's Cyber Intelligence Division, brand impersonation remains the most common attack vector and this technique was used in 50 percent of advanced email attacks during Q4 2018 with cybercriminals impersonating Microsoft in 70 percent of these instances. Microsoft is often a target for credential phishing since attackers can use Office 365 accounts in subsequent ATO attacks.

However, a different pattern was identified when it came to attacks against executive targets with 33 percent of advanced email attacks against C-level employees using display name deception to impersonate an individual. This tactic is also commonly used for business email compromise (BEC) attacks that frequently target an organisation's CFO.

With the approach of tax season in the US, impersonation of the US Internal Revenue Service (IRS) surged in the fourth quarter. The IRS was impersonated in nearly one in ten attacks which is up from less than one percent in the third quarter.

W-2 scams occur quite often in the runup to tax season, as cybercriminals utilise phishing emails and social engineering to obtain a business' W-2 files which contain a wealth of sensitive information such as social security numbers, salaries and other confidential data that is used to commit tax fraud or identity theft.

  • Protect your devices from the latest threats with the best antivirus


from TechRadar - All the latest technology news http://bit.ly/2MMQSNm
Labels:

Comments

Post a Comment

Popular posts from this blog

The future of Magic Leap's promising AR efforts dim after layoffs

The Magic Leap Two is now further away than ever, unfortunately. Today in a blog post the augmented reality pioneer announced major layoffs and has decided to cut up to half of its workforce, according to some reports. The original Magic Leap One was supposed to be one of the first mainstream augmented reality headsets when it launched in 2018, but a high price point and lack of interest from developers left the headset high and dry after launch. According to the blog post, Magic Leap says it will be focusing its efforts on enterprise solutions (a statement HTC has made recently as well) and shift its focus away from consumer technology… at least for the time being.  The company has been open about creating a second headset that would offer improved specs for some time, but how that work will now have to go forward without half of the team , according to some estimates, remains to be seen. Is the window closing on augmented reality?  Although it’s just one company, Magic...
Post a Comment
Read more

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy . The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase . Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce. While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandem...
Post a Comment
Read more