![]() ![]() The bad guys will play on common experiences and fears because they might get a hit if the organization’s spam filter or email AV makes a mistake and lets the message through. Even if they didn’t do that research, however, a lot of employees can be responsible for invoices, so reason and theme of email can be an effective ploy. Since the employee who received this email works with invoices on a daily basis, it appears that the cybercriminals who sent the email likely conducted some social reconnaissance before sending it. If you do not check the actual email address of the sender and your email client does not show it by default, you might fall into this trap. Example of spear phishing emailĪs we can see, email seems to be originated from Acronis support. Yet this example shows how employees who are not as well-trained regarding security might easily fall victim to this kind of attack, leading to compromise and data loss, unless a strong cybersecurity product is running on their machines. For a security professional or someone in the cybersecurity industry, the attempt is relatively easy to recognize. Recently one of Acronis’ top managers found the phishing email pictured below in his inbox. Real phishing email received by an Acronis c-level executive Let’s look at one of the latest examples. The Anti-Phishing Working Group’s (APWG) Phishing Activity Trends Report for Q1 2020 notes that phishing attacks rose to the highest level since 2016, with more than 60,000 phishing sites being reported in March alone.Īs a member of APWG, Acronis can confirm that we’ve seen an uptick as well and Acronis employees of all levels receive well-crafted phishing emails every day. Unfortunately, phishing attempts are on the rise. Meanwhile, other research from 2019 showed that spear-phishing emails, which target specific individuals or organizations (rather than “casting a wide net”) are used by nearly 65% of all known groups carrying out targeted cyberattacks. Their report also revealed that 94% of malware was delivered via email, with phishing emails being the most prevalent type used. Last year, Verizon’s Data Breach Investigations Report concluded that phishing was the number one attack vector used in successful data breaches. Phishing attacks, which involve criminals posing as legitimate contacts use emails and instant messaging to trick victims into providing valuable information like login credentials and banking or credit card details, is a major challenge for organizations.
0 Comments
Leave a Reply. |