Knowing how to fight increasingly complex email attacks is key to protecting yourself from threats. Email threat categories include spam, malware, data exfiltration, phishing, and impersonation, and there are 13 email threat types within these categories that you should understand. We will break down those 13 types in detail so you can keep them handy whenever you need them.
- Spam
- Spam is junk email and can come in various forms. One impact spam has on businesses is cost: it costs businesses approximately $20 billion per year in losses. It also lowers productivity because it floods inboxes with junk mail. Block spam when you see it!
- Malware
- There are two types of malware: volumetric malware and zero-day malware. Volumetric malware is designed to be spread en masse and take advantage of older systems. Zero-day malware is advanced and attacks using zero-day threats, which are ones that do not match malware signatures and haven't been seen before. Another type of malware attack is the URL attack. These direct users to unsafe websites or payloads that are intended to trick them into clicking and downloading hidden malware. To protect against malware, an important tool is signature matching, which detects and blocks malware variants at the gateway level.
- Data Exfiltration
- Data exfiltration is the unauthorized transfer of data from a computer or another device. It's also known as data extrusion, data exportation, data leaks, data leakage, data loss and data theft. An email defense against data exfiltration is implementing data loss prevention (DLP). This technology scans the end user's environment to keep sensitive data from being sent outside the organization. It can identify confidential information such as credit card numbers, SSNs, and HIPAA medical records.
- URL Phishing
- With URL phishing, cybercriminals use email to direct their victims to enter sensitive information on a fake website that looks real. It is also known as fake websites or phishing websites. 32% of breaches involve phishing attacks. As a defense against this, gateways and sandboxing are very effective. These help block malicious links, specifically through gateway URL filtering and rewriting.
- Scamming
- Email scamming is very common. With this, cybercriminals use fraudulent schemes to defraud victims or steal their identity through scams and tricks. Examples of scamming are fake job postings, investment opportunities, inheritance notifications, lottery prizes, and fund transfers. The FBI reported millions of dollars lost from scams. $475 million came from confidence fraud, and the next most common subject was investment scams, at $222 million in damages. To fight scamming, API-based inbox defense uses historical email communications to determine what normal email communications look like.
- Spear Phishing
- Spear phishing is a highly personalized form of email phishing attack. Hackers carefully design messages by researching their target victims. Sometimes they impersonate a trusted colleague, website, or business. This email threat is also known as whaling and laser phishing. The best defense against spear phishing is API-based inbox defense.
- Domain Impersonation
- Domain impersonation is used by cybercriminals as part of a conversation-hijacking email attack. Attackers impersonate domains using various techniques. The best defense against domain impersonation is to carefully check domains for typos and to differentiate an impersonating website from a real one. API-based inbox defense can also protect against it. Domain impersonation is also known as typosquatting and lookalike domains. If impersonating ctnsolutions.com, the fake domains look something like this:
- cynsolutions.com
- ctmsolutions.com
- ctnsolution.com
- ctnsolútions.com
- ctnsolutions.co
- ctnsolutions.net
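
The typo check described above can be automated. The following is an added example, not code from the original article or from Barracuda: it classifies a sender domain against the trusted domain and names which lookalike pattern from the list it matches. It assumes a single-label TLD and does not decode punycode; the function names and the `max_edits` threshold are illustrative.

```python
import unicodedata

TRUSTED = "ctnsolutions.com"  # legitimate domain from the article's example

def fold(label):
    """Strip diacritics so an accented letter compares as its base letter."""
    decomposed = unicodedata.normalize("NFKD", label)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def split_domain(domain):
    """Return (name, tld); assumes a single-label TLD, no public-suffix list."""
    labels = domain.lower().rstrip(".").split(".")
    return (labels[-2], labels[-1]) if len(labels) >= 2 else (labels[0], "")

def classify(sender_domain, trusted=TRUSTED, max_edits=2):
    """Classify a sender domain as trusted, a kind of lookalike, or unrelated."""
    name, tld = split_domain(sender_domain)
    t_name, t_tld = split_domain(trusted)
    if (name, tld) == (t_name, t_tld):
        return "trusted"
    folded = fold(name)
    if folded != name and folded == t_name:
        return "lookalike: accented character"
    if name == t_name:
        return "lookalike: TLD swap"
    if edit_distance(folded, t_name) <= max_edits:
        return "lookalike: typo"
    return "unrelated"

# Constructed sample: the lookalike list from the article plus two controls.
SAMPLES = ["cynsolutions.com", "ctmsolutions.com", "ctnsolution.com",
           "ctnsol\u00fations.com", "ctnsolutions.co", "ctnsolutions.net",
           "ctnsolutions.com", "example.org"]

if __name__ == "__main__":
    for d in SAMPLES:
        print(f"{d:22} {classify(d)}")
```
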
Look out for our next blog post, part 2, for the rest of the email threats!
Source: Barracuda