sb-nz logo
Story image

Cyber criminals turn to Gmail and AOL to advance attacks

Cyber criminals are using increasingly sophisticated means, with the latest example of this being official email services used to impersonate and scam 6,600 organisations in 2020.

According to email security firm Barracuda Networks, cyber criminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and business email compromise attacks.

In their most recent threat spotlight report, Barracuda researchers observed that 6,170 malicious accounts that have used Gmail, AOL and other email services, have been responsible for over 100,000 BEC attacks which have impacted nearly 6,600 organisations.

Furthermore, since April 1 these ‘malicious accounts’ have been behind 45% of all BEC attacks detected, the researchers state.

Essentially, cyber criminals are using malicious accounts to impersonate an employee or trusted partner, and send highly personalised messages for the purpose of tricking other employees into leaking sensitive information, or sending over money.

The report finds that cyber criminals' preferred choice of email service for malicious accounts is Gmail, which accounts for 59% of all email domains used by cyber criminals.

Yahoo, is the second most popular, accounting for just 6% of all observed malicious account attacks.

Researchers at Barracuda also observed that most malicious accounts (29%) are used for less than 24-hour periods – most likely to avoid detection and suspensions from email providers.

However, it’s not unusual for cyber criminals to return and re-use an email address for an attack after a long break.

Having analysed attacks on 6,600 organisations, Barracuda researchers found that in many cases, cyber criminals used the same email addresses to attack different organisations.

The number of organisations attacked by each malicious account ranged from one, to a single mass scale attack that impacted 256 organisations - 4% of all the organisations included in the research.

Similarly, the number of email attacks sent by a malicious account ranged from one to over 600 emails, with the average being only 19.

Barracuda Networks VP of Email Protection Michael Flouton says, “The fact that email services such as Gmail are free to set up, just about anyone can create a potentially malicious account for the purpose of a BEC attack.

“Securing oneself against this threat requires organisations to take protection matters into their own hands - this requires them to invest in sophisticated email security that leverages artificial intelligence to identify unusual senders and requests.

“However, no security software will ever be 100% effective, particularly when the sender appears to be using a perfectly legitimate email domain. Thus, employee training and education is essential, and workers should be made aware of how to manually spot, flag and block any potentially malicious content.”

Story image
Thales: A/NZ cybersecurity approach more talk than action
“While some organisations are talking a good story … predicted spending shows that most have the wrong focus.”More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More
Story image
NortonLifeLock introduces dark web monitoring to its security suite
Dark Web Monitoring Powered by LifeLock will be capable of monitoring the dark web, searching for over 120 personal identifiable information including email, physical address, phone number, driver licence number, credit card or bank account numbers and gamer tags.More
Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
SecOps opens new Cyber Defence Operations Centre in Auckland
Privacy Commissioner John Edwards officially opened the centre this week, recognising SecOps’ efforts to provide managed security services to New Zealand businesses.More
Link image
How to better protect your organisation's most valuable asset - its data.
Data resilience strategies are becoming increasingly critical in relation to the skyrocketing value of data and the proliferation of malicious entities wishing to steal it.More