itb-au logo
Story image

Spoofs, forgeries, and impersonations plague inboxes

18 Feb 2019

It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.

According to security firm INKY, Q4 2018 was a busy period for phishing scammers as online shopping, shipping notifications, returns and virtual holiday greetings bombarded inboxes.

However, not all of those emails were legitimate. INKY analysed the phishing attacks with the highest volume and found that scam emails are more targeted than ever.

“Phishing attacks remain one of the largest threat vectors as cybercriminals have increasing access to sophisticated toolkits through the Dark Web and the human element remains the most porous aspect of cybersecurity,” comments INKY CEO Dave Baggett. 

“Even the most informed and vigilant members of an organisation that take extra measures to practice proper cybersecurity posture can fall prey to phishing attacks that are becoming indistinguishable from legitimate channels of communication.”  

More than half of all phishing emails bypass traditional anti-spam filters. This suggests that older generation phishing filters just can’t identify personalised attacks.

Corporate VIP impersonation takes the lion’s share of attacks

The report found that 11.4% of all phishing attacks impersonated VIPs or senior executives. 

"This type of attack is usually fairly involved and often delivered in real-time. A typical scheme can involve a scenario where the CEO (or perhaps someone from finance) is in a meeting, or is in a limited cellphone reception area where a confirmation call is not possible. The victim then becomes engaged with a request for help which eventually leads to handing over sensitive data without verification to the scammer on the other end".

Sender forgery – you think you know the sender, but you probably don't

The report found that 10.3% of attacks were sender forgery, and may be the most dangerous form of phishing email because it presents itself as being from a known contact.

“This type of attack perseveres as contacts maintain personal and professional emails. Often contacts cycle through Gmail, Yahoo and other popular mail providers, making it difficult to discern a legitimate message from a phishing attack.”

Corporate email spoofing

The report found that 5.9% of phishing attacks used corporate email spoofing, which blends the elements of VIP impression with sender forgery. 

"This type of attack is sophisticated in that it deliberately targets a specific corporate entity. It often occurs after a major announcement. The nature of the announcement has no bearing on the frequency of attacks. 

Both positive and negative news can be leveraged to provide cover for the phishing attacker’s true intentions. In the past (and for those remaining unprotected) corporate spoofing has resulted in the loss of corporate intellectual property, private information, financials and even protected healthcare information".

Story image
The devices that are changing the streaming game in time for Christmas
Here are some of the best products in the streaming business, used by veterans and beginners alike.More
Story image
Nutanix brings Matt Maw onboard in new role of A/NZ head of tech strategy
The appointment and new role follows the expansion of the Nutanix A/NZ business in the fourth quarter of 2020, where it experienced 18% team growth, 13% customer acquisition growth, and a 14% rise in new partners.More
Story image
Three steps to achieve a better patient experience using data in the healthcare industry
Introducing new technology to the healthcare industry beyond COVID-19 will be complicated. The only thing that can simplify it is well-organised data insights.More
Story image
Why legacy technology is swallowing too much of your IT budget 
Given the restrictions caused by legacy IT infrastructure, why are more organisations not pushing ahead with plans to rid themselves of the burden?More
Story image
Webinar: TLC for Kids on their usage of Nintex Drawloop DocGen
The charity is using the software to free up resources and enable its team to focus on its mission — which, simply put, is to put smiles back on sick kids’ faces. It does this through its TLC Ambulance, Rapid TLC, and distraction box programs, and its services are used over a million times each year across Australia.More
Story image
Webinar: The future of data centres in the face of climate change
Digital Realty has today announced a webinar based on its recent report exploring the role of data centres within the climate change debate, and will explore the viable solutions available to help data centre operators fight the rising tide of environmental challenges.More