Eskenzi PR Eskenzi PR
  • About Us
Monday, 19 April, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Immunising against the spear phishing plague

by The Gurus
May 6, 2016
in Editor's News
Share on FacebookShare on Twitter

Immunising against the spear phishing plague  
By John Wilson, Field CTO, Agari
Email has become the primary tool of communication for organisations, both within the business and externally with customers and third parties. But with this proliferation, email has also been tirelessly exploited by sophisticated cyber-criminals. With no security authentication built in, there is a fundamental flaw in the architecture of email that means anyone can send a message pretending to be from another person or brand. More worryingly, illegitimate emails are carefully formulated, well written, seem to come from a trusted source and relate to actual issues making it very difficult to tell sophisticated phishing emails apart from their genuine counterparts.
An increasingly popular form of email attack – spear phishing – is becoming a growing threat to businesses globally. Spear phishing is a highly-targeted email attack and is currently thriving due to people becoming comfortable with revealing a wealth of personal and behavioural data on the Internet. Attackers tap into an individual’s personal information to profile victims and create email messages crafted to appear to have come from a trusted source in a context that puts the targeted victim at ease. The end game is usually to get the selected employee to share confidential business information or transfer money into an unknown account. Last year, the FBI reported that losses from one type of spear phishing, Business Email Compromise (BEC) scams, alone totaled more than $1.2 billion. So how can we start to recognise these scams?
The fingerprint of a spear phisher
BEC scams involve attackers that impersonate an executive of the organisation and email an employee with specific instructions or requests. The most common example being the so-called CEO wire fraud scam. The scam begins with an email “from” the CEO to the CFO, explaining that she needs an urgent wire transfer and that she’ll provide the details shortly. In these attacks, the From: address of the email has been spoofed, and a Reply-To: header has been added to the message so that replies will route back to the fraudster. The criminal sets the display portion of the Reply-To address to be the CEO’s name, and since most email software displays only this text, rather than the actual email address, the victim cannot detect the deception visually.
The email generally ends with a simple question, such as “When is the cut-off to get this completed today?” or “What information will you need to process my request?”. The purpose of the question is to elicit a response from the CFO. The fraudster provides the receiving bank account details for the wire only after receiving a response to his initial email. This reduces the chances of his bank account details being exposed to the police should the victim catch on to the scam.
The perpetrators of these scams utilise distinctive tradecraft. This fingerprint can tie attacks back to the same threat actor.  After examining email data from just three clients, Agari observed the same fingerprint in attacks targeting all of them. This particular threat actor uses free webmail addresses as the Reply-To addresses. The subject lines are always short, such as “Hello John”, “Today”, or “Urgent”. Finally, this criminal sends several messages, spaced over the course of 2 or 3 weeks. Given the prolific nature of this threat actor’s work, we suspect he uses automation to craft and send at least the initial attack messages.
With the FBI reporting a 270% increase in reported global losses from January to August 2015 due to these types of scams, financial firms need to be vigilant with their email security.
Staying savvy 
Agari research also found that more than 85 percent of spear phishing attacks are enabled by legitimate cloud services, and the majority do not contain a malicious link or attachment, which make them a lot harder to detect as fraudulent. Ultimately, no single email should be sufficient to move money and no one person should be able to initiate and approve a bank transfer. Savvy organisations need to ensure that there is a mixture of inbound and outbound channels that can be used to verify any request for confidential or financial information.
As the spear phishing threat continues to grow, organisations need a solution that considers sophisticated data science and email security intelligence in order to reinstill trust into the email ecosystem. Protecting corporate and customer data requires constant attention, and having an insight into the entirety of an email ecosystem is crucial.  There is not a single solution available that can solve the breadth of the email security problem. What’s needed is multiple controls – a cocktail of complementary solutions that provides a multi-layered approach to cyber security where prevention, early detection, attack containment, and recovery measures are considered collectively. Only then can spear phishing be stopped before the problem becomes a plague.

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: AgariCyber Securityemail securityinformation securityinfosecit securityPhishingSpear Phishing
ShareTweetShare
Previous Post

Security Serious Week launches 2016 Unsung Heroes Awards

Next Post

New Report Demonstrating Advancement of ISIS’s Organized Cyber Capabilities

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

April 19, 2021
Dominos pizza

Domino’s India suffers data breach

April 19, 2021
whatsapp icon

Vulnerabilities found in older version of WhatsApp

April 19, 2021
Data Breach Cyber attack code

University of Hertfordshire suffers system outage due to cyberattack 

April 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept