Barracuda Research Reveals Evolving Tactics Attackers Use to Trick Victims

0
Highlights:
  • Business email compromise (BEC) attacks are increasing as cybercriminals see how lucrative this type of attack can be.
  • Attackers’ exploitation of fears around the COVID-19 pandemic show how quickly they can adapt to current events.
  • Hackers use multiple tactics to disguise malicious links and avoid detection by URL protection solutions.

Barracuda, released a new report with key findings about the ways cybercriminals are adapting quickly to current events and new tactics. The latest report, titled Spear Phishing: Top Threats and Trends Vol. 5 – Best practices to defend against evolving attacks, reveals new details about these highly targeted threats, including the latest tactics used by cybercriminals and the steps you can take to defend your business.

The report takes an in-depth look at how attackers are quickly adapting to current events and using new tricks to successfully execute attacks — spear phishing, business email compromise, pandemic-related scams, and other types. It also tackles why organizations need to invest in protection against lateral phishing and other internally-launched attacks from compromised accounts, including solutions that use artificial intelligence and machine learning.

Attack trends and beyond
Barracuda’s research reveals key takeaways about how these targeted attacks are evolving and the approaches cybercriminals are using to maximize their impact.

  • Business email compromise (BEC) makes up 12% of the spear-phishing attacks analyzed, an increase from just 7% in 2019.
  • 72% of COVID-19-related attacks are scamming. In comparison, 36% of overall attacks are scamming. Attackers prefer to use COVID-19 in their less targeted scamming attacks that focus on fake cures and donations.
  • 13% of all spear-phishing attacks come from internally compromised accounts, so organizations need to invest in protecting their internal email traffic as much as they do in protecting from external senders.
  • 71% of spear-phishing attacks include malicious URLs, but only 30% of BEC attacks included a link. Hackers using BEC want to establish trust with their victim and expect a reply to their email, and the lack of a URL makes it harder to detect the attack.

“Cybercriminals adapt very quickly when they find a new tactic or current event that they can exploit, as their response to the COVID-19 pandemic proved only too well,” said Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda. “Staying aware of the way spear-phishing tactics are evolving will help organizations take the proper precautions to defend against these highly targeted attacks and avoid falling victim to scammers’ latest tricks.”

See the full report: https://www.barracuda.com/spear-phishing-report-5

Image Licensed by Pixabay.com

Related News:

Red Hat Builds a Common Kubernetes Foundation for Windows and Linux Container Workloads for Red Hat OpenShift

AAAC: 2020 State of AI in Advancement Report

Share.

About Author

Leigh Porter's first love is to love people. Beginning her career as a neonatal RN was an obvious choice until life threw the curve ball to embark on a new IT endeavor. Pursuing this fresh career was a piece of cake with her resilient and steadfast character. Outside of the office, Leigh also diligently gives much of her time faithfully as a nationally awarded volunteer leader to a very dear to her heart organization.