A new GreatHorn report emphasizes on the growth of corporate phishing emails from March to November 2016. The firm has analyzed more than 56 million emails in the given period, gathered from 91,500 corporate mailboxes.
GreatHorn researchers concluded that attackers are relying more and more on highly targeted, non-payload attacks that are built on pressure tactics and exploit trust. This is how corporate users are tricked into taking action that eventually puts their organizations at risk. More specifically, GreatHorn detected 537,000 phishing threats, 490,557 or 91% of which contained display name spoofs.
Display Name Spoofs, Direct Spoofs and Domain Lookalikes
Spoofing is a popular technique among attackers. Display name spoofs particularly involve impersonating a person familiar to a corporate user for the purpose of making them believe they know the recipient. The technique is quite effective and is often leveraged in attacks on businesses, and represents 91% of said attacks. The reason it’s so effective is quite simple – corporate users are flooded with emails on a daily basis.
Besides display name spoofs, direct spoofs were also monitored by GreatHorn researcher who said it’s the second most popular spoofing technique. About 8% of the attacks observed contained direct spoofs. Domain lookalikes represented about 1% of the corporate phishing attacks.
According to GreatHorn CEO Kevin O’Brien:
Stopping spear phishing attacks isn’t as simple as pushing a button; the sheer volume of these attacks, coupled with the size of the attacks surface and security resource constraints, makes it impossible to mitigate risk solely via human intervention, no matter how much you try to train your end users. A true defense-in-depth strategy for protecting against these attacks requires unified visibility and control, coupled with risk-appropriate automation, across an organization’s entire communications infrastructure.
What is worse is that statistics show that even security and IT professionals are unsure of how to handle a flagged phishing attempt. Apparently, 41% of professionals do nothing, and only 33% decide to alert an administrator.