5 Types of Attacks Targeting Company Email Domains on the Rise
A look at the data behind five types of email attack targeting organisations that are on the rise globally.
There has been a significant increase in the number of cyber attacks targeting business domains according to a new report from an online security company.
Data published in the report shows that in a single quarter, there has been a 269% increase in the number of business email compromise (BEC) attacks on organisations globally, signalling that cybercriminals are increasingly looking to the business sector as a target.
The figures come from Mimecast, which published its quarterly Email Security Risk Assessment; the assessment has cumulatively analysed hundreds of millions of emails.
According to Infosecurity Magazine’s Sarah Coble, “BEC attacks are sophisticated scams that typically target businesses working with foreign suppliers and businesses that regularly perform wire-transfer payments. Formerly known as man-in-the-email scams, these schemes compromise official business email accounts to conduct unauthorized transfers.”
Attacks on organisations are particularly lucrative for attackers, because even small businesses hold large amounts of data on their own staff as well as a trove of personally identifiable information on their clients. With this information, criminals can launch further, more targeted campaigns against the individuals in an organisation’s database, and can even impersonate the organisation itself for further exploitation.
The FBI has identified five main categories of BEC scam after investigating a large number of cases against cyber criminals. The first, known as the bogus invoice scheme, features an attacker impersonating one of the company’s suppliers and requesting a money transfer, often from someone lower down in the organisation who is less inclined to question the request.
The second, known as CEO fraud, sees an attacker impersonate a senior executive in the organisation and ask the finance department to transfer money into an account controlled by the attacker or criminal group.
The third, known as an account compromise attack, features an attacker who already has access to an executive’s email account and uses it to request invoice payments from vendors listed in the organisation’s contact directory; these payments are directed to fraudulent bank accounts.
Next, a data theft BEC attack often targets HR and finance departments, requesting sensitive information such as tax statements, which can in turn be sold on the dark web or stashed away for use in future attacks.
The fifth and final type is known as an attorney impersonation BEC attack, where the attacker poses as a lawyer to obtain confidential information about the organisation’s operations and staff.
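The first three categories above share a small set of header-level tells that a mail gateway or SOC triage script can check before a human ever reads the message: a trusted display name arriving from an outside domain, a sender domain that is a near-miss of the company’s own, and a Reply-To that silently redirects the conversation elsewhere. The following added example (written for this article, not code from Mimecast, the FBI or Infosecurity Magazine) runs those three checks over constructed sample messages; the organisation domain, executive names and sample headers are all assumed values.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed assumptions for the defended organisation.
ORG_DOMAIN = "example.com"
KNOWN_EXECUTIVES = {"jane doe", "john smith"}   # display names worth protecting


def _domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _edit_distance(a, b):
    """Plain Levenshtein distance; used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess_message(raw):
    """Return the list of BEC-style impersonation tells found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(addr)
    findings = []

    # CEO fraud / supplier impersonation: trusted display name, external sender domain.
    if name.strip().lower() in KNOWN_EXECUTIVES and from_dom != ORG_DOMAIN:
        findings.append("display-name-impersonation")

    # Lookalike domain: one or two characters away from the real one (e.g. examp1e.com).
    if from_dom and from_dom != ORG_DOMAIN and _edit_distance(from_dom, ORG_DOMAIN) <= 2:
        findings.append("lookalike-domain")

    # Reply hijack: replies would leave the sender's domain entirely.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and _domain(reply) != from_dom:
        findings.append("reply-to-mismatch")

    return findings


# Constructed sample messages (headers only, bodies kept minimal).
SAMPLE_CEO_FRAUD = """From: Jane Doe <jane.doe@gmail.com>
Reply-To: Jane Doe <jane.doe@gmail.com>
To: finance@example.com
Subject: Quick request

Can you process the attached invoice today?
"""

SAMPLE_LOOKALIKE = """From: Accounts <billing@examp1e.com>
To: ap@example.com
Subject: Updated bank details

Please note our new remittance details.
"""

SAMPLE_REPLY_HIJACK = """From: John Smith <john.smith@example.com>
Reply-To: <john.smith@example-mail.net>
To: finance@example.com
Subject: Re: payment

Reply to this thread when done.
"""

SAMPLE_LEGIT = """From: Jane Doe <jane.doe@example.com>
To: finance@example.com
Subject: Board pack

Attached as discussed.
"""

if __name__ == "__main__":
    for label, raw in [("ceo-fraud", SAMPLE_CEO_FRAUD), ("lookalike", SAMPLE_LOOKALIKE),
                       ("reply-hijack", SAMPLE_REPLY_HIJACK), ("legit", SAMPLE_LEGIT)]:
        print(f"{label:12s} -> {assess_message(raw)}")
```

None of these checks proves fraud on its own; in practice they feed a score alongside authentication results (SPF, DKIM, DMARC) and are most useful for routing a message to a second look, or to an out-of-band confirmation step, before any payment instruction is acted on.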
Mimecast also claims that, after sifting through hundreds of millions of emails, it was able to home in far more accurately on phishing attacks and attempts to plant malware in users’ inboxes. According to its data, of the 237,211,029 emails it inspected, 26,305,457 were spam, 24,279 contained dangerous file types, 27,156 carried malware attachments, and 55,190 were impersonation attempts of the kind described above.
According to Sarah Coble, “the sharp rise in BEC attacks identified by the report echoes the findings of the State of Email Security 2019 report, which revealed that 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact, like financial data or personal loss.”