Phishing gets more personal and harder to detect
An analysis of phishing attacks in the final quarter of 2018 reveals the majority of attacks showed an increase in target personalization, making them considerably more difficult to detect.
The study by email protection start up INKY shows 12 percent of phishing attacks in the period took the form of corporate VIP impersonations, 10 percent were sender forgery and six percent were via corporate email spoofing.
The corporate impersonation attacks often take place in real time and involve a scenario where the CEO (or perhaps someone from finance) is claimed to be in a meeting, or is in a limited cellphone reception area where a confirmation call is not possible. The victim then becomes engaged with a request for help which eventually leads to handing over sensitive data to the scammer at the other end. Names of executives are sourced from social media or corporate websites.
Sender forgery again involves using social media to establish known contacts and spoofing an address using a known corporate email format. Mail spoofing is frequently targeted at larger businesses whose address formats are easy to ascertain.
"Phishing attacks remain one of the largest threat vectors as cybercriminals have increasing access to sophisticated toolkits through the Dark Web and the human element remains the most porous aspect of cybersecurity," says Dave Baggett, CEO of INKY. "Even the most informed and vigilant members of an organization that take extra measures to practice proper cybersecurity posture can fall prey to phishing attacks that are becoming indistinguishable from legitimate channels of communication."
To combat the problem INKY Phish Fence, the company's anti-phishing solution, uses anomaly detection algorithms to identify and block brand forgery emails, spear phishing attempts and extortion attacks. It also alerts employees with helpful warning banners to any unusual or suspicious emails, giving specific guidance on potentially problematic messages.
The full report is available from the INKY website.