How cybercriminals are attacking your work emails


Like it or not, email is the primary means of communication for many employees at work. Unfortunately, cybercriminals and scammers are well aware of this. And they’re trying to exploit our reliance on email by launching phishing attacks targeting business email.

According to an analysis by Abnormal Security researchers, the volume of such attacks increased by 81% in the second half of 2022 compared to the previous six months. And in the past two years, total volume has jumped 175%. This modus operandi is well documented. Scammers pretend to be legitimate contacts, such as your boss, a colleague or a supplier. And they encourage their victims to make large financial transfers.

Attacks that are hard to counter

These attacks can be extremely lucrative and difficult to counter. “While employees need to be right all the time, attackers only need to get it right once,” the researchers say in their report.

They rely in particular on in-depth research into their targets: information from the targeted companies' websites, the LinkedIn social network or public financial data. All of this data can be used to craft targeted phishing messages.

In a real-life incident detailed by Abnormal Security, cybercriminals posed as the office manager of a small business and emailed the facility manager of a second company. In that email, the attackers asked about the status of overdue bill payments and mentioned a change in bank details.

Pressure on victims

Seemingly legit, the email was signed with the company’s contact information and logo. And there were no malicious attachments or links, just minor spelling and punctuation issues. The message had been sent from an address that looked almost exactly like the actual company the scammer was impersonating, with a slight change that was barely noticeable unless you were really paying close attention.

Duped, the targeted victim replied to the message with the requested information. The attacker then quickly passed him the “new” banking information, requesting that all future payments be sent to this account. With the target not responding to this request, the attacker, still posing as a legitimate contact, sent a succession of follow-up messages asking for a response.

Pressuring victims by pretending that an answer is a matter of urgency is a common technique. In this case, the method worked and the victim responded. That’s when cybersecurity analysts stepped in to make sure no transfer had taken place. However, this incident shows how persistent and persuasive attackers can be.

Warning signs of a scam

“Companies need email security tools that can detect even small changes in activity and content,” the researchers explain.

Employees should also be made aware of the warning signs of these attacks. In particular, they should be wary of unexpected messages that insist on urgency, especially when the recipient cannot reach the sender, for example because they are told the sender is in a meeting. Cybercriminals frequently use this tactic to keep the victim from contacting the real sender and discovering that the initial message was fraudulent.

Emails that ask you to perform a task quickly and secretly should also be viewed with suspicion. If possible, call the person the message claims to be from to find out if it’s legitimate. Even if it takes time, it is better to be sure that the message is legitimate than to transfer hundreds of thousands of dollars to a cybercriminal.
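The lookalike sender address described in the incident above and the warning signs listed here (urgency, a change of bank details, a sender who claims to be unreachable, a request for secrecy) can all be checked mechanically before a message reaches a finance mailbox. The following is an added example written for this page, not code from the article or from Abnormal Security; the trusted domain list and the two sample emails are constructed, and the term lists are illustrative rather than a complete rule set.

```python
"""Heuristic screening of inbound email for BEC warning signs (added example)."""
from email import message_from_string
from email.utils import parseaddr

# Domains of known suppliers and colleagues (constructed for this example).
TRUSTED_DOMAINS = {"example-supplier.com", "ourcompany.example"}

# Illustrative phrase lists; a production filter would be broader and tuned.
SIGNALS = {
    "urgency language": ("urgent", "asap", "immediately", "as soon as possible"),
    "bank detail change request": ("new bank", "updated bank", "bank details",
                                   "account number", "iban", "routing number"),
    "secrecy request": ("confidential", "keep this between us", "do not discuss"),
    "sender claims to be unreachable": ("in a meeting", "cannot take calls",
                                        "unavailable by phone"),
}


def levenshtein(a, b):
    """Edit distance between two strings (insert/delete/substitute = 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_domain(domain, trusted, max_distance=2):
    """Return the trusted domain that `domain` closely imitates, or None."""
    if domain in trusted:
        return None
    for t in sorted(trusted):
        if levenshtein(domain, t) <= max_distance:
            return t
    return None


def score_email(raw):
    """Return a list of human-readable reasons the message looks like BEC."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = (msg.get("Subject", "") + "\n" + body).lower()

    reasons = []
    imitated = lookalike_domain(domain, TRUSTED_DOMAINS)
    if imitated:
        reasons.append(f"sender domain {domain!r} resembles trusted {imitated!r}")

    # A Reply-To on a different domain diverts the conversation elsewhere.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.rsplit("@", 1)[-1].lower() != domain:
        reasons.append("Reply-To domain differs from From domain")

    for label, terms in SIGNALS.items():
        if any(term in text for term in terms):
            reasons.append(label)
    return reasons


# Constructed sample modelled on the overdue-invoice lure; note the "1" for "l".
SUSPICIOUS_EMAIL = """\
From: Office Manager <office@example-supp1ier.com>
To: facilities@ourcompany.example
Subject: Overdue invoice - urgent

Could you confirm the status of the overdue payments? Please note our bank
details have changed; use the new account number below for all future
payments. I am in a meeting all day, so reply by email only.
"""

# Constructed benign message from the real supplier domain.
BENIGN_EMAIL = """\
From: Office Manager <office@example-supplier.com>
To: facilities@ourcompany.example
Subject: Invoice 1042 received

Thanks, we have received your payment. Regards.
"""

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS_EMAIL), ("benign", BENIGN_EMAIL)):
        print(name, "->", score_email(raw) or ["no warning signs"])
```

The reasons list is meant to feed a quarantine or banner decision and, just as importantly, to tell the analyst why the message was held. The edit-distance check catches the single-character swap from the incident; it does not replace verifying a bank detail change by phone with a number already on file.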

Source: ZDNet.com