Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing emails prefer to use Gmail accounts to conduct their attacks. According to a report by Barracuda, who surveyed 10,500 organizations, 35% of them received at least one bait attack email in September 2021 alone.
What is a baiting attack?
Bait attacks attack companies’ operations by mimicking real emails from a known contact. Some phishing emails also mimic documents.
The aim is to lure an employee to open an email attachment, copy or paste a link or open a file that the attacker will use to take control of the victim’s device, infect it with malware and to obtain sensitive data.
Targeted phishing campaigns
Data reveals that more than 80% of the baiting emails were sent to the executive management team, followed by CEOs.
Senior executives were attacked by phishing scams twice as often as lower-level workers, with a drop in attacks happening when employees are eligible for retirement.
Krishna Simha, senior security strategist at Barracuda, said in a statement:
What to do?
If you receive an email that looks suspicious, don’t simply open it. Instead, forward the email to your spam filter and delete it immediately. Always be vigilant and follow this advice:
Keep your anti-virus and anti-malware software up-to-date
User Review( votes)