Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

OUCH! One in Every 101 Emails is a Hacking Attempt

September 13, 2018

I suppose we shouldn't be surprised by the new report from FireEye in which over half a billion emails sent between January and June 2018 were analyzed and FireEye found that 1 in every 101 emails is malicious and intended to compromise a user or network. If you take away the spam, only 1/3 of emails are regarded as "clean."

As a post in ZDNet noted, one particular trend that FireEye details is that while attackers are still attempting to dupe victims into installing malware, ransomware and other forms of malicious software via weaponized attachments in emails, these only accounted for ten percent of blocked attacks in the six month period.

The remaining 90 percent of attacks involving no malware in the initial attack, but rather use social engineering and impersonation to conduct campaigns for directly stealing data or installing malware to be used in the future.

Increasingly, attackers are doing this is by turning to impersonation attacks, pretending to be a colleague, boss – or even CEO – within a workplace and then using the relationship to convince the victim give over sensitive data or to make a financial transaction. Sometimes, this only comes after a back and forth conversation in order to avoid any initial suspicion by the user.

The attacks are relatively simple to carry out, because rather than needing to spoof an entire domain, the attackers can much more easily spoof a display name or email address – particularly if the victim is using a smartphone.

"If you look at the inbox, all it gives you is the display name – anyone can type anything in there," said Ken Bagnall, VP of email security at FireEye.

One particular means of impersonation attack FireEye points to as on the rise are those leading to phishing sites and other malicious links. Rather than sending individual messages, the attacker sends a more general message containing what looks like an internal company link, which once clicked, can lead to a malware payload or credential harvesting site.

Hat tip to Dave Ries.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

OUCH! One in Every 101 Emails is a Hacking Attempt

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer