Experts warn of a growing cyber threat for businesses called spear phishing.
In such operations, attackers target a company’s employees from the compromised mailboxes of their colleagues, so the malicious activity unfolds inside the enterprise. Barracuda researchers analyzed spear phishing attacks against almost 100 organizations.
“To compile its report, Barracuda surveyed small, mid-sized and enterprise businesses across a wide range of industries including technology, financial services, education, healthcare, manufacturing, government, telecommunications, retail and others,” says the company’s report.
The specialists were interested in the tactics and the outcomes of such campaigns. According to the report prepared by the analysts, the main goal of spear phishing is identity theft.
This distinguishes this type of attack from business email compromise (BEC).
“In email account takeover attacks, hackers gain entry to a business account and send lateral phishing emails. Because these emails come from a legitimate account, they are more likely to fool victims, the report noted,” say Barracuda experts.
In analyzing 180 spear phishing operations, the experts found that in 11% of cases the attackers managed to compromise other employees inside the organization.
Moreover, 42% of successful incidents were not reported to management or the security team.
In the majority of the malicious emails analyzed, the attackers claimed to have found a problem with the recipient’s mailbox. Others referred to a document.
The emails also contained links leading victims to phishing pages with forms for entering credentials. It was these forms that delivered the username and password to the cybercriminals.
After compromising a corporate email account, 55% of cybercriminals target victims who have a personal or working relationship with the owner of the hacked account.
How to prevent lateral phishing attacks
Organizations and employees can do the following to protect against lateral phishing attacks, according to the report:
1. Security awareness training
Ongoing, updated security training is now a necessity for every organization. This training should include lessons on how to identify email takeover attacks and lateral phishing attacks, including carefully checking the URL and destination of any link in an email before clicking.
2. Advanced detection techniques
Lateral phishing attacks can be difficult to detect since they originate from a legitimate corporate email account. Advanced detection techniques and services that leverage artificial intelligence (AI) and machine learning to automatically identify phishing emails can potentially help.
3. Two-factor authentication
Two-factor authentication (also known as multi-factor authentication) is a key security step to mitigate risks of lateral phishing and other attacks. You can use an app or hardware-based token to limit an attacker’s access to accounts.
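As an added illustration of the detection point above (this is example code written for this page, not Barracuda's product or anything from the report), the script below triages messages using the indicators the report describes: an internal sender whose message links to an external site, a "problem with your mailbox" or shared-document lure, and a link path that looks like a credential-entry form. The organization domain `example.com` and the two sample emails are constructed assumptions.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Assumption: the organization's own mail domain (hypothetical value for this example).
INTERNAL_DOMAIN = "example.com"

# Lure themes named in the report: a "problem" with the recipient's mailbox, or a document.
LURE_PATTERNS = [
    re.compile(r"\b(problem|issue)\b.{0,40}\bmailbox\b", re.I),
    re.compile(r"\bmailbox\b.{0,40}\b(problem|issue|suspended|full)\b", re.I),
    re.compile(r"\b(shared|sent you) (a |the )?(document|file)\b", re.I),
]
# URL path/query fragments typical of credential-entry forms (heuristic, not exhaustive).
CRED_FORM_HINTS = ("login", "signin", "sign-in", "verify", "password", "auth")

@dataclass
class Email:
    sender: str
    recipient: str
    subject: str
    body: str
    urls: list = field(default_factory=list)

def mail_domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()

def is_internal_host(host: str) -> bool:
    return host == INTERNAL_DOMAIN or host.endswith("." + INTERNAL_DOMAIN)

def assess(mail: Email) -> dict:
    """Collect lateral-phishing indicators for one message; flag when two or more are present."""
    reasons = []
    text = f"{mail.subject}\n{mail.body}"
    internal_sender = mail_domain(mail.sender) == INTERNAL_DOMAIN
    ext = [u for u in mail.urls if not is_internal_host((urlparse(u).hostname or "").lower())]
    if internal_sender and ext:
        reasons.append("internal sender links to an external site")  # core lateral-phishing signal
    if any(p.search(text) for p in LURE_PATTERNS):
        reasons.append("mailbox-problem or shared-document lure")
    paths = [(urlparse(u).path + "?" + urlparse(u).query).lower() for u in ext]
    if any(h in p for p in paths for h in CRED_FORM_HINTS):
        reasons.append("external link looks like a credential form")
    return {"flag": len(reasons) >= 2, "reasons": reasons}

# Constructed sample messages: one lateral-phishing lure and one benign internal email.
SAMPLES = [
    Email("alice@example.com", "bob@example.com", "Problem with your mailbox",
          "We found a problem with your mailbox. Sign in to resolve it: http://example-mail-verify.net/login",
          ["http://example-mail-verify.net/login"]),
    Email("alice@example.com", "bob@example.com", "Q3 report",
          "Draft is on the intranet: https://intranet.example.com/docs/q3.pdf",
          ["https://intranet.example.com/docs/q3.pdf"]),
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m.subject, "->", assess(m))
```

A flagged message from an internal account is a candidate for the security team to confirm with the sender out of band, which also addresses the report's finding that many such incidents go unreported.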