Malicious email campaigns target business platforms following remote work surge

Dive Brief:

  • Cybercriminals have changed tactics over the past year amid the corporate shift to remote work, leading to targeted phishing and impersonation campaigns against business-related applications, according to a report from GreatHorn released Thursday. 
  • The report shows 45% of phishing attacks now target business-related applications including Zoom, productivity apps from Microsoft or digital signature apps from DocuSign. In comparison, social media platforms such as Facebook, LinkedIn and Twitter accounted for only 34% of phishing attack targets.
  • Nearly half (48%) of IT specialists consider email security one of their three leading priorities. Forty-one percent consider securing telework and 40% consider cloud security posture management as leading priorities.

Dive Insight:

Phishing tactics have changed considerably in the past year, with threat actors engaged in less frequent attacks, in favor of more targeted and sophisticated campaigns that are designed to catch remote workers when they are distracted, according to the report. 

“The majority of phishing campaigns are extracting PII (personally identifiable information) and a sizable quantity are focused specifically on credential harvesting, often through a combination of techniques,” Kevin O’Brien, co-founder and CEO of GreatHorn, said via email. 

The tactics include impersonating trusted business colleagues, vendors and business executives. Attackers also use carefully crafted impersonations of “normal” websites and exploit web servers, according to O’Brien. Once credentials are successfully harvested, attackers can then gain access to computer systems, take over an account and launch attacks under the pretense of being a legitimate user. 

In January, the Cybersecurity & Infrastructure Security Agency issued an alert regarding attacks on cloud services at companies using phishing, brute force login attempts as well as “pass-the-cookie” attacks.

Additional research supports a rise in email security threats. A cloud security report from Trend Micro shows the company blocked 16.7 million high-risk emails that slipped through native filters during 2020, representing a 31.5% increase from the prior year.

Trend Micro intercepted more than 6.9 million phishing emails in 2020, a 19% increase from the year before. About 1.1 million emails were detected containing malware last year, a 16% increase from 2019.

Source link