Most phishing attacks lure corporate users with explicit content

Phishing campaigns with NSFW content often perform better

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A majority ofphishingattacks against corporateemail addressesuse indecent content and invitations to lure victims in, experts have claimed.

Researchers from the GreatHorn Threat Intelligence Team noticed theuse of X-rated materialin emails designed to lure employees increased 974% between May 2020 and April 2021.

They further observed these attacks targeted a broad spectrum of industries, and are often directed at male-sounding usernames in company email addresses.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

“Call it what you will: business email compromise (BEC), phishing, spearphishing or whaling, all email-based cyberattacks have one thing in common: they use social psychology. The goal of the email attacker is to put the user off balance, causing an emotional reaction that gets them to open an email and take a compromising action,” GreatHorn noted in a post detailing this new trend in phishing attacks.

Honey traps

Honey traps

GreatHorn highlights two different campaigns in their post, that follow slightly different attack vectors, but with the same intention to use the gleaned information to either withdraw money, commit further frauds, or for blackmail.

In the first phase of the campaign, the user is invited to click on a link under the guise of salacious interactions or more explicit content.

Once clicked, the threat actors use email pass-through to get hold of the email address of the visitors, which can later be used for blackmail.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The pages further invites the victims to divulge more information, including their address andcredit carddetails under the guise of payment details, to roundup a successful phishing campaign.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case