Friday, September 27, 2019

Account Takeover email attacks on the rise

PARCA eNews – Aug. 15, 2019 – A number of cybersecurity companies are warning that email account takeover is a rising security threat.

Agari, a cybersecurity company specializing in email cyber threats, issued a report in April 2019 showing a 126 percent increase month to month in targeted email attacks that exploit account takeover tactics since the beginning of 2018.

San Francisco-based Barracuda also issued a report showing that the way cybercriminals use email account takeover (ATO) is evolving, with attackers frequently launching sophisticated lateral phishing attacks from ATO email accounts. The report showed that 37 percent of lateral phishing attacks used tailored content that was enterprise-oriented or even highly specific to the victim’s organization.

A new survey conducted by Osterman Research reported that in the last 12 months, 44% of organizations were victims of targeted email attacks launched via a compromised account.

Account-takeover-based email attacks originate from email addresses that have been gleaned from data breaches. In some cases, these email addresses and account credentials are collected into lists and sold on the dark web.

Osterman’s report says ATO attacks tend to be more successful for cybercriminals because the email accounts taken over are those of trusted senders, so the cybercriminals are able to take advantage of an existing trusted relationship to increase the odds of success. In addition, since the attack originates from a legitimate account, it has a better chance of going undetected by traditional security controls.

To protect against such attacks, Barracuda suggests:

  • Monitor inbox rules and suspicious logins
  • Train staffers to recognize and report attacks
  • Deploy account-takeover protection technology
  • Implement multi-factor authentication
