Seven Things You Need to Know about Email Attackers

Seven Things You Need to Know about Email Attackers

In the constant game of cyber security cat and mouse, the bad guys have found new ways to attack their victims. Cyber security technology is much better today at fending off attacks and systems have become harder to hack, so the bad guys have been forced to change tack.

  1. Email has become the attack vector of choice, the starting point to steal confidential data and extort funds.
    Why? Well, behind every email address is a person, and it is people, not machines who make mistakes that open up the defenses of even the most conscientious organization to attack. It is by far the easiest entry point into enterprise networks. Email is how business communicates and shares information. On day one when you join an organization, you get your security pass and your email address; it becomes part of your identity. Every email address is open to the outside world, and that means open to the attacker. It creates an open line of communication between the criminal and the employee that is all too easy to exploit.
  2. Hackers are motivated by greed, not mischief. They want your money.
    Few attacks on organizations today are about the rogue hacker on a moral crusade. Cyber-crime is just that – crime. It has become big business, a growing part of international organized crime. 67% of respondents* to a recent Mimecast survey told us that just since the start of 2016 they had seen an increase in attacks designed to instigate fraudulent payments, such as whaling or business email compromise. If you are a cyber-criminal, you are looking for the fastest, easiest way to make money. The ROI for old school spamming attacks has dropped significantly. The effort it takes to crack into IT systems has grown. But the good returns you can expect for just a little effort at social engineering an email attack (maybe just an hour or two on LinkedIn) makes that very worthwhile. All too many organizations are looking at their accounts at the end of the month only to discover thousands of dollars have been sent to non-existent companies. These funds become untraceable as they are quickly laundered through organized crime networks, and are effectively lost forever.
  3. They also want your data, because data can be sold and losing it can be very costly.
    43% of people we surveyed said they’d seen an increase in attacks specifically asking for confidential data, such as HR records or tax information. Armed with this data, the criminal can either start another targeted attack, or, more likely, they can sell such data as tax ID’s, credit card numbers etc., to others on the dark web. Additionally, the rise of ransomware shows that organizations are willing to pay blackmail if they can’t get access to their own data. A simple click on a malicious web link or file sent over email can cause the data to be locked up until you pay up.
  4. Domain impersonation will fool most users.
    We’ve all been trying for years now to educate users to “think before you click” to avoid being fooled by a bad link or attachment. Unfortunately, email sending domains are increasingly spoofed by the creation of domain names similar, but not identical, to the target domain. For example, people trying to spoof have used as a substitute. To the casual eye, replacing the second “m” with “rn” is easy to miss. This type of attack if commonly known as a homoglyph attack, where one or more letters look similar to a letter that victims expect.
  5. Advanced threats in email are emerging continuously. Relying on the protection, security and training you rolled out a year or two ago isn’t going to cut the mustard now. The ever advancing arms race that is email security has seen the threat vector change rapidly over the very recent past. We’ve gone from run of the mill spam and viruses to financial phishing, spear-phishing, weaponized attachments, and now impersonation and social engineering attacks such as whaling or W-2 fraud. These latest attacks require the latest technology, and you need to keep running faster just to stay in the game.
  6. Impersonation attacks and social engineering continue to dominate.
    Attacks that don’t need malware, an attachment or even a malicious link are the most dangerous and sadly the emerging threat of the moment. Social engineering attacks like whaling and W-2 fraud are on the rise because they have become an effective payday for cyber criminals, who are just exploiting their victims’ trust and goodwill. Why use complex malware that’s likely to be detected by an AV engine when you can simply ask someone to wire you several million dollars?
  7. Combating these targeted threats is a team effort, not just a technology challenge.
    At times many individuals are hesitant to speak up when they see something that looks “phishy” or suspicious in their incoming communications. A feeling of not wanting to bother others is a common issue in many companies. The problem with this is that if an employee doesn’t say something, no one will know until it’s too late, when their system is already compromised by an attack. To be proactive in handling this issue, each user must know that if they see something “phishy”, they should say something to their security team. Your company’s future depends on employees being alert for suspicious situations and aware of what to do. By working together as a team to take notice of targeted threats, we can strengthen the teams charged with protecting the security of the company data.

Making your email safe means investing in cyber security defenses that keep pace with the innovation of the attackers. Traditional security technologies are struggling to keep up with the emergence of more targeted threats. Getting the upper hand requires a new approach.


Interested in finding out how you can get the upper hand? Take a look at how Mimecast approaches these challenges



Leave a Comment

Your email address will not be published. Required fields are marked *