The rise in email impersonation attacks is a reminder that organizations should reassess their security processes. Read on to learn more about how email impersonation attacks work.
Most organizations believe they have not yet experienced a serious data breach driven by email impersonation. That is no reason to do less than enough to prevent future impersonation attacks against the organization.
Impersonation attacks are emails in which the sender poses as a trusted individual or company in an attempt to gain access to corporate funds or data. Business Email Compromise (BEC), also known as CEO fraud, is the best-known example of an impersonation attack.
Among the types of cyber-attacks experienced by organizations, email impersonation attacks are an evolving category worth watching. Such attacks are generally aimed at corporate employees. The attacker sends an email to the target in which the sender masquerades as a trusted source, in order to gain access to the target's sensitive information, such as financial data, or to trigger a payment. The U.S. Federal Bureau of Investigation (FBI) has warned businesses about this growing threat and has estimated that such attacks have caused losses of approximately $5.3 billion globally.
Email impersonation attacks are reported to have risen by 80%, and IT specialists have issued a strong warning to both businesses and residents to be alert to the growing threat. This follows the recent cybercrime attack on eThekwini city manager Sipho Nzuza, which shows how brazen attackers have become.
One of the key reasons email impersonation attacks are hard for users to detect is unfamiliarity with the tactic combined with a lack of attention to detail. Let's understand this through an example:
Below, the same email address is written twice. How quickly can you spot the one that contains an error?
It is hard to spot such an irregularity, especially when you have a hectic schedule at work and many distractions.
Attackers find potential victims with the help of social engineering techniques. Profiles on social media platforms such as Facebook, LinkedIn and Twitter are the easiest sources for an attacker to collect information about a potential target. Name, email address, job title, short bio, job duties, location and more can be lifted from the target's social media accounts. Social engineering requires very little technical skill and typically yields a remarkable amount of information about the victim, all of it freely available online.
With a significant amount of the target's information in hand, the attacker's next step is to build credibility. Again, social engineering is an effective way to set the stage for the attack. The attacker decides whom to impersonate: the victim's boss, a colleague, or someone close to them. Close friends can be found on Facebook, and people tend to be very trusting when they think they are dealing with a close friend. Through the company website and its social media pages, the attacker can easily pick the person to impersonate.
The final and decisive step is to choose the delivery technique. The three tactics commonly used by attackers are:
* Registering a Look-Alike Email Domain: a domain that differs from the real one by a single character or a visually similar substitution (for example "rn" in place of "m", or the digit 1 in place of a lowercase l), so the address passes a quick glance.
* Editing the Display Name: the visible "From" name is set to the impersonated person's name while the underlying address belongs to the attacker; many mail clients, especially on mobile, show only the display name.
* Using a Free Email Account: a mailbox at a public provider created in the impersonated person's name, usually with a pretext such as "sending this from my personal account".
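The three tactics above, together with the hard-to-spot address difference illustrated earlier, map to header checks that a mail gateway or a triage script can run before a human ever reads the message. The following script is an added example written for this page, not code from the article or from any named product. The trusted domain (example.com), the directory of known people, the free-mail provider list, the homoglyph table and the sample messages are all constructed for illustration; a real deployment would load the first three from the organization's own directory and gateway configuration.

```python
"""Flag the three impersonation tactics in a message's From and Reply-To headers.

Added example, not from the article. The trusted domain, the known-people
directory, the free-mail list and the sample messages are constructed.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from typing import List

TRUSTED_DOMAINS = {"example.com"}                    # assumption: our own domain(s)
KNOWN_PEOPLE = {"jane doe": "jane.doe@example.com"}  # assumption: directory entries
FREE_MAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
# Character swaps commonly used when registering a look-alike domain.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def fold_homoglyphs(domain: str) -> str:
    """Undo common look-alike substitutions: 'exarnp1e.com' -> 'example.com'."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS:
        d = d.replace(fake, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; domains are short, so the O(n*m) table is cheap."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain: str) -> bool:
    """A domain that is not ours but, after homoglyph folding, is identical to
    or one edit away from a trusted domain (examp1e.com, exmple.com)."""
    d = domain.lower()
    if d in TRUSTED_DOMAINS:
        return False
    folded = fold_homoglyphs(d)
    return any(edit_distance(folded, t) <= 1 for t in TRUSTED_DOMAINS)


def assess(raw_message: str) -> List[str]:
    """Return the impersonation indicators found in a raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    name = re.sub(r"\s+", " ", display).strip().lower()
    # The message claims to come from a known person if the display name matches
    # or the local part carries that person's surname (jane.doe.ceo@...).
    claims_known_person = name in KNOWN_PEOPLE or any(
        k.split()[-1] in local for k in KNOWN_PEOPLE)
    findings = []
    # Tactic 1: look-alike domain.
    if is_lookalike(domain):
        findings.append(f"lookalike-domain:{domain}")
    # Tactic 2: edited display name sitting on top of someone else's address.
    if name in KNOWN_PEOPLE and addr.lower() != KNOWN_PEOPLE[name]:
        findings.append(f"display-name-mismatch:{display}->{addr}")
    # Tactic 3: free mailbox posing as a known person.
    if domain in FREE_MAIL_DOMAINS and claims_known_person:
        findings.append(f"free-mail-account:{domain}")
    # Common to all three: replies are quietly redirected to another mailbox.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != addr.lower():
        findings.append(f"reply-to-mismatch:{reply_to}")
    return findings


# Constructed sample messages: one per tactic plus a legitimate one.
LOOKALIKE = "From: Jane Doe <jane.doe@examp1e.com>\nSubject: Urgent wire\n\nPlease pay today.\n"
DISPLAY_NAME = 'From: "Jane Doe" <accounts.payable@some-isp.net>\nSubject: Invoice\n\nSee attached.\n'
FREE_MAIL = ('From: "Jane Doe" <jane.doe.ceo@gmail.com>\nReply-To: payments@gmail.com\n'
             "Subject: Gift cards\n\nBuy 10 cards.\n")
LEGIT = "From: Jane Doe <jane.doe@example.com>\nSubject: Lunch\n\nNoon?\n"

if __name__ == "__main__":
    for label, sample in [("lookalike", LOOKALIKE), ("display-name", DISPLAY_NAME),
                          ("free-mail", FREE_MAIL), ("legit", LEGIT)]:
        print(label, assess(sample) or "clean")
```

Note that the look-alike check deliberately folds homoglyphs before measuring edit distance, so "exarnple.com" (rn for m) is caught even though it is two characters away from the real spelling. The edit-distance threshold of one is a starting point; with a short trusted domain it will produce false positives, so in practice the candidate list should be reviewed rather than blocked outright. These header checks are a complement to, not a substitute for, SPF, DKIM and DMARC evaluation, which are not shown here.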
A Brief Conclusion
According to Gartner, email will remain the primary targeting method for advanced cyber-attacks through the year 2020. To mitigate this threat, organizations should implement reliable email security as standard practice. This filters out emails carrying malicious content and also reduces spam. Bear in mind, though, that impersonation emails frequently contain no attachment or link at all, so content filtering alone will not stop them: enforcing sender authentication (SPF, DKIM and DMARC), flagging look-alike domains and display-name mismatches, and verifying any payment or data request through a separate channel such as a phone call are what actually close the gap.