We are breaking down the next half of the 13 email threats to look out for in this part 2 blog! Remember, knowing how to fight increasingly complex email attacks is key to protect yourself from threats. While email threat categories include spam, malware, data exfiltration, phishing, and impersonation, there are 13 email threat types that fall into these categories, that you should understand. Keep these threats in mind and handy whenever you might need it.
- Brand Impersonation
- Brand impersonation is designed to impersonate a company or brand to trick people to responding to the email or giving out personal information. Common types of brand impersonation include service impersonation and brand hijacking, both a form of phishing. Service impersonation is designed to impersonate a well-known company or business application. Brand hijacking occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This is also known as brand spoofing or domain spoofing. Also, Microsoft is the most impersonated brand in spear- phishing attacks and most common platform for cybercriminals to carry out their techniques.
- Blackmail scams are becoming much more common and sophisticated. Although, blackmail scams are known to be under-reported because of the sensitive nature of the threats, causing IT experts to not be able to assist. In blackmail cases, attackers use stolen usernames and passwords from data breaches that they then leverage to contact and trick the victim via email to giving them money. Sometimes they record the victim on their computer, and threaten to release it publicly unless they do as the cybercriminal says and pays them. To avoid blackmail, there is inbox defense that can recognize unusual and threatening tone of blackmail attacks that will flag suspicious emails to you. Gateways can monitor some signs of blackmail in your email as it recognizes certain keywords and other abnormal items. Lastly, be on the lookout for this suspicious activity if you were recently involved in a data breach.
- Business Email Compromise
- Business email compromise is certainly a tricky one. With this attack, scammers impersonate an employee within your organization to attempt to defraud the company or other employees and customers. A popular attempt of business email compromise is through payroll scams to steal paychecks. Almost half of this email attack are launched through Gmail accounts. Although business email compromise only accounts for 7% of phishing attacks, it totaled $1.7 billion in losses in 2019.
- Conversation Hijacking
- Conversation hijacking really demonstrates how cybercriminals have grown to be extremely advanced. With this, scammers insert themselves into existing business conversations or initiate new conversation based on information they were able to gather. The attacker spends time reading through many emails and monitors employees accounts, enabling them to understand in progress projects, deals, payments, and anything else within a business process. In fact, even top tier businesspeople fall for this attack. Barbara Corcoran, famously known for her business expertise on Shark Tank, lost $400,000 from a conversation hijacking attack.
- Lateral Phishing
- Lateral phishing is when cybercriminals use recently hijacked accounts to send phishing emails to unsuspecting recipients. These would be close contacts in the company and/ or partners, causing the attack to spread. This email threat has a high success rate because the email account is legit and looks to be from a friend, coworker, or partner. As it is successful, it is also grown to happen often. About 1 in 7 organizations have experienced a lateral phishing attack. This is an internal attack that is very hard to lookout for, but keep in mind to carefully pick and choose what you open and click on in your email.
- Account Takeover
- Account takeover is a form of identity theft and fraud. Cybercriminals use certain threatening tactics to access email accounts and gain login credentials. Once a hacker is in an account, they’re able to completely take it over. They can then see how a company does their operations, access email signatures, and hack financials. If a cybercriminal successfully attacks, it can lead them to takeover other accounts within the organization. Additionally, studies found that 29% of organizations had their Microsoft Office 365 accounts compromised in one month from account takeovers.