sb-nz logo
Story image

Financial organisations plagued by spear phishing attacks

11 Jul 2019

Financial organisations continue to be top targets for spear phishing emails, underscoring the message that every organisation must be vigilant through technology and training.

Barracuda researchers analysed 360,000 spear phishing emails over a three month period. They found that there are three types of attacks: blackmail, brand impersonation, and business email compromise.

“Spear phishing attacks are designed to evade traditional email security solutions, and the threat is constantly evolving as attackers find new ways to avoid detection and trick users,” explains Barracuda vice president of APAC sales, James Forbes-May.

Finance department employees are most heavily targeted by these attacks, because they are most likely to deal with banks and other financial institutions, the report suggests. The attackers attempt to steal bank account login details.

“Cybercriminals spend time researching an organisation and its employees before launching an attack. They impersonate an executive or other employee in an email, requesting a wire transfer or personally identifiable information from finance department employees and others with access to sensitive information. Once the money has been transferred to a fraudulent account, it’s usually impossible to get it back,” the report says.

Attackers commonly impersonate Microsoft in order to take over accounts. Attackers take different approaches to Apple impersonation. 

“In some attacks, cybercriminals send an email about a recent alleged iTunes purchase, asking for credit card details to cancel the order and provide a refund. The stolen information is used to commit financial fraud,” the report notes.

Subject lines on more than 70% of business email compromise attack emails try to establish rapport or a sense of urgency; many imply the topic has been previously discussed.

Scammers use name-spoofing techniques, changing the display name on Gmail and other email accounts to make the email appear to come from a company employee. This tactic can be especially deceiving to those reading the email on a mobile device.

The majority of subject lines on sextortion emails contain some form of security alert. Attackers often include the victim’s email address or password in the subject line.

“Staying ahead of these types of attacks requires the right combination of technology and user training, so it’s critical to have a solution in place that detects and protects against spear-phishing attacks, including business email compromise, brand impersonation, and sextortion,” concludes Forbes-May.

Protection can include multi-factor authentication, staff training that helps them to identify and report attacks, account takeover protection, DMAEC authentication and reporting, and maximising data loss prevention.

Statistics are taken from Barracuda’s Spear Phishing: Top Threats and Trends report.

Story image
Cybersecurity budgets still not keeping up with threats — report
Executive teams are failing to recognise the level of damage cyber-threats pose to organisations, according to Sophos — many of them taking a ‘conservative approach’ to cybersecurity expenditure.More
Story image
Hybrid IAM solutions are the way of the future, study states
“As this first-of-its-kind research shows, while IT leaders are faced with unique criteria and conditions that shape their IT strategy, hybrid IAM has emerged as a necessity."More
Story image
Users becoming more savvy with COVID phishing scams
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks."More
Story image
2020 sees a global shift in financial malware threats
The financial threat landscape experienced a game-changing pandemic year, according to a new report from Kaspersky.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More