Hackers are pulling no punches when it comes to email attacks
Most scams bypass traditional email security checks
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Brute force email attacks and account takeover attempts against businesses have increased a whopping 671%, as attackers find novel ways forphishingcredentials, according to new data.
In its Q3 2021 email threat report, cloud-nativeemail securityplatform Abnormal Security revealed a significant increase in attacks that are often used as launchpads for more significant attacks such asransomwareandmalware.
The report also finds that cybercriminals are conjuring new ways to trick employees into giving away their credentials, invariably resulting in significant financial damages to businesses.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
“Socially-engineered attacks are dramatically rising within enterprises, worldwide, creating unprecedented financial and reputational risks. These never-before-seen attacks are becoming more sophisticated with every passing day,” said Evan Reiser, Abnormal Security CEO.
Growing complexity
The report also found that more than half of the surveyed organization (61%) have experienced a vendor email compromise or a supply chain attack in Q3 2021.
In order to commit vendor email compromise, threat actors first gain access to a vendor’s account, which then enables them to hijack existing conversations for nefarious purposes, such as sending fraudulent invoices.
Impersonation is on the rise as well, with attackers masquerading as well-known brands to trick victims into submitting credentials. Another popular attack vector is to impersonate internal business systems, with the report revealing that fake emails from internal departments likeIT Help Deskand IT Support rising 46% over the past two quarters.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Reiser adds that what makes these new breed of email scams dangerous is that they don’t contain the usual indicators of compromise, such as links, attachments and reputational risks.
“So they evade secure email gateways and other traditional email infrastructure, landing in inboxes where unsuspecting employees fall victim to their schemes, which include ransomware,” suggests Reiser.
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
This new phishing strategy utilizes GitHub comments to distribute malware
Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well
