Personalized Spear Phishing Emails Lead to Highest Ever Click Rate

Personalized Spear Phishing Emails Lead to Highest Ever Click Rate

Phishing attempts are constantly being improved and made more sophisticated and personalized. Currently, carefully crafted spear phishing emails are being spread posing as airlines and financial departments. The attempts go so far that they imitate internal corporate travel and expenses systems. The end goal is always the same – delivering malware and stealing personal information from targets.

Related: Beware! Amazon Phishing Scam Lures Victims with Unbeatable Prices

Spear Phishing Becomes Highly Personalized and Very Successful

The described airline phishing attack has been disclosed by Barracuda researchers. The attackers have included various techniques in their arsenal with the purpose of stealing sensitive details from victims and infect them with an advanced persistent threat.

Here’s an example of a subject line used by the phishers:

Fwd: United Airlines: Confirmation – Flight to Tokyo – $3,543.30

The attack is made of the following techniques:

  • Impersonation. Attackers have initially researched the targeted organization’s structure and communication patterns. This is how emails become highly personalized leading to a very high click rate, over 90 percent, representing one of the highest phishing click rates ever.
  • Malware delivery. In this campaign, a piece of APT (Advanced Persistent Threat) is dropped onto the network once the attachment is opened.
  • Classical phishing. The attackers depend on the legitimacy of their emails to gather login credentials via a fake login page. Once these credentials are in the hands of the criminals, further access to internal and sensitive company data is granted.

The attacks that included links to a phishing website were designed to imitate an airline website, or in other cases, the expense or travel system used by the targeted company. This way the victim is lured into entering login credentials thus expanding the attack surface. As a result databases, email and file servers could be compromised.

What Could Organizations Do to Prevent Spear Phishing/ APT Attacks?

Organizations should employ a multi-layered security plan so that such attacks are prevented. The first layer of protection is sandboxing, followed by APT prevention. There are also advanced phishing engines that offer link protection which will search for websites with malicious code. Employee awareness and training shouldn’t be underestimated, too.

Related: Protect Organization Networks Against Ransomware Attacks

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Subscribe to receive regular updates about the state of PC Security and latest threads.

Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.