Impersonation attacks are on the rise, accounting for 26 per cent of total detections, categorised as spam, impersonation, opportunistic, and targeted – and now includes voice phishing or “vishing,”. There, threat actors use social engineering to gain access to personal and financial information via the victim’s telephone system. That’s according to email and data security company Mimecast’s quarterly Threat Intelligence Report.
While the report uncovered a mixture of simple, low effort and low-cost attacks targeting company customers, the data also highlights complex, targeted campaigns leveraging a variety of vectors and lasting days, the cyber firm says. These sophisticated attacks are likely carried out by organised and determined threat actors, employing obfuscation, layering, exploits, and encryption to evade detection. Three industries were targeted the most by cyberattacks. Banking and legal, industries that are rich with sensitive information that yield results for threat actors and transportation, where state-sponsored threat actors seek to disrupt the logistical and supply capability of rivals.
Josh Douglas, vice president of threat intelligence at Mimecast said: “Threat actors seek numerous ways into an organisation – from using sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam.
“This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role human error could play in an organisation’s vulnerability. Organisations need to take a pervasive approach to email security – one that integrates the right security tools allowing for greater visibility at, in and beyond the perimeter. This approach also requires educating the last line of defence – employees. Coupling technology with a force of well-trained human eyes will help organisations strengthen their security postures to defend against both simple and sophisticated threats.”
Of the 160 billion emails processed, there were 19 significant malware campaigns identified this quarter which incorporated Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos. The campaigns observed range from simple phishing campaigns to multi-vector campaigns alternating file types.
