By Ben Adamson, Lead Technical Consultant (Presales) APAC, Mimecast
[Reading time: 1.30 mins]
Everyday cybercriminals learn from yesterday’s attacks to plan new ones. Whaling attacks, also known as Business Email Compromise or CEO fraud, are now the latest frontline.
These attacks are designed to trick key employees into making financial transactions by pretending to be the CEO or CFO in a spoofed email. Some also target those responsible for sensitive employee data, for example HR records or tax information, which could be used for identity theft.
Snapchat is just one example among a string of large organisations hit by attacks. This incident saw a targeted phishing email impersonate CEO Evan Spiegel to leak the company’s payroll data.
The United States has been beset by these ‘W-2’ tax form attacks while New Zealand’s Inland Revenue has also issued a new warning. As the Australian tax season approaches, organisations must prepare for a new wave of attacks.
Cybercriminals realised that anti-virus, real-time URL checking and other security tools like attachment sandboxing are increasingly making their lives difficult, so new tactics were required. These attacks are designed to pierce email traditional security architecture, be it running on-premises, hybrid or even Office 365.
It’s widely known how damaging ransomware has been to Australian organisations but these sums pale in comparison to this latest threat. The FBI recently reported global business losses due to whaling of more than $1.2 billion in little over two years, and a further $800 million in the six months since August 2015.
This trend is also supported by new Mimecast research. Since January 2016, 67% of firms around the world have seen an increase in attacks designed to instigate fraudulent payments and 43% saw an increase in attacks asking for confidential data.
Even the smartest employees can fall victim to these malware-less crimes. Employee education and rigorous business processes play an important role, and I believe advanced pattern recognition can play a larger role in identifying social engineering attacks.
Email is a vital tool for getting work done but also contains much of an organisation’s valuable data. It’s also the primary vector of attack. As new attack patterns continue to appear, It critical for Australian organisations to invest in more regular training and appropriate security technology.
Data#3’s dedicated security practice, Data#3 Secure provides your business with the right platform to optimise and manage your IT security Environments, delivered via our secure framework.