CYBER NEWS

Personalized Spear Phishing Emails Lead to Highest Ever Click Rate

Phishing attempts are constantly being improved and made more sophisticated and personalized. Currently, carefully crafted spear phishing emails are being spread posing as airlines and financial departments. The attempts go so far that they imitate internal corporate travel and expenses systems. The end goal is always the same – delivering malware and stealing personal information from targets.

Related: Beware! Amazon Phishing Scam Lures Victims with Unbeatable Prices

Spear Phishing Becomes Highly Personalized and Very Successful

The described airline phishing attack has been disclosed by Barracuda researchers. The attackers have included various techniques in their arsenal with the purpose of stealing sensitive details from victims and infect them with an advanced persistent threat.

Here’s an example of a subject line used by the phishers:

Fwd: United Airlines: Confirmation – Flight to Tokyo – $3,543.30

The attack is made of the following techniques:

  • Impersonation. Attackers have initially researched the targeted organization’s structure and communication patterns. This is how emails become highly personalized leading to a very high click rate, over 90 percent, representing one of the highest phishing click rates ever.
  • Malware delivery. In this campaign, a piece of APT (Advanced Persistent Threat) is dropped onto the network once the attachment is opened.
  • Classical phishing. The attackers depend on the legitimacy of their emails to gather login credentials via a fake login page. Once these credentials are in the hands of the criminals, further access to internal and sensitive company data is granted.

The attacks that included links to a phishing website were designed to imitate an airline website, or in other cases, the expense or travel system used by the targeted company. This way the victim is lured into entering login credentials thus expanding the attack surface. As a result databases, email and file servers could be compromised.

What Could Organizations Do to Prevent Spear Phishing/ APT Attacks?

Organizations should employ a multi-layered security plan so that such attacks are prevented. The first layer of protection is sandboxing, followed by APT prevention. There are also advanced phishing engines that offer link protection which will search for websites with malicious code. Employee awareness and training shouldn’t be underestimated, too.

Related: Protect Organization Networks Against Ransomware Attacks

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...