Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

More Than 75% of Account Takeovers Result in a Phishing Email

October 16, 2018

Dark Reading recently reported on a Barracuda report, drawing on a study of 50 randomly selected organizations, which found that approximately 40% reported at least one ATO (account takeover) attack in the second quarter of 2018.

"On average, when a company got compromised, the compromise resulted in at least 3 separate account takeover incidents," according to the report. Of the incidents, 78% resulted in a phishing email being sent.

Why spoof an email address for phishing messages when you can hijack an account and send them from the real one?

"Cybercriminals are able to professionally customize emails to trick even the most discerning eye all the way up to the CEO level," says Ryan Wilk, vice president of customer success at NuData Security. "These phishing emails trick victims into clicking on links or on documents that appear legitimate, only to automatically download key loggers or other malware tools used to harvest credentials."

The report's authors noted that their results may have under-reported the actual incidence of ATO attacks since they relied on incidents reported by companies. Many organizations either aren't aware that they've been the victim of such an attack or are reluctant to admit to having been victimized.

Unaware or reluctant to report? Yup, that's what we see all the time. I'm guessing that ATO attacks are under-reported by a significant amount.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson