Account Takeover Attacks On The Rise; Business Should Prepare
November 07, 2018
Like in the recent Facebook attack, account takeovers are commonplace these days and on the rise. In a recent study, Barracuda Networks found that attackers who stole credentials for email accounts were then using those accounts in phishing campaigns with various objectives. These included sending spam, which can be merely annoying marketing but is often intended to get malware onto a device.
It’s important to know when a link or attachment in an email is OK to click. The number one clue is that you were not expecting to receive it. Of course, not all unexpected links are malicious, such as links to information for a conference you may be attending soon. However, many are and should certainly be treated as suspicious. If you cannot be certain a link or attachment is safe, contact the sender by phone. Remember not to use the contact information in those email messages to reach the sender; often it is fake as well and just takes you right back to the attackers.
The old standby clues still help in detecting phishing email too.
- They contain misspelled words or poor use of the language.
- They use old and/or unprofessional-looking images.
- The greeting is generic.
- The link doesn’t go where you expect it to when you hover the mouse pointer over it.
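The last clue, a link whose visible text names one site while it actually goes to another, can also be checked automatically on the mail gateway. The following is an added example, not code from the original post, using only the Python standard library; the sample message and the `.test` domain in it are constructed.

```python
# Added example (not from the original post): flag links in an HTML email whose
# visible text names one host while the href goes to another (what hovering reveals).
from html.parser import HTMLParser
from urllib.parse import urlparse

def host_of(value):
    """Lowercase hostname of a URL or bare domain (leading 'www.' dropped), or None."""
    value = value.strip()
    if "://" not in value:
        value = "http://" + value  # let urlparse treat a bare domain as a URL
    host = (urlparse(value).hostname or "").lower()
    return host[4:] if host.startswith("www.") else (host or None)

def looks_like_address(text):
    """True for link text a reader would take for a web address."""
    return "." in text and " " not in text and host_of(text) is not None

class LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs for every <a> element in the message."""
    def __init__(self):
        super().__init__()
        self.links = []     # finished (text, href) pairs
        self._href = None   # href of the anchor currently open, if any
        self._text = []     # text fragments seen inside that anchor

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def find_mismatched_links(html):
    """Return (text, href) pairs whose displayed host differs from the real target."""
    parser = LinkCollector()
    parser.feed(html)
    return [(t, h) for t, h in parser.links
            if looks_like_address(t) and host_of(t) != host_of(h)]

# Constructed sample: one honest link and one whose text hides a different host.
SAMPLE_EMAIL = ('<p>Reset your password at <a href="http://login-example.test/reset">'
                'https://bank.example.com/reset</a>, or see the <a href="https://bank.example.com/faq">FAQ</a>.</p>')
```

Running `find_mismatched_links(SAMPLE_EMAIL)` returns only the first link, whose text claims `bank.example.com` but whose href points at `login-example.test`; a plain "FAQ" label is not judged because it makes no claim about where it leads.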
In the Barracuda report, 78% of the account takeover incidents were used to send phishing email messages. Twenty-two percent (22%) were geared toward employees that worked in departments that have access to sensitive information, such as human resources, IT, finance, and the legal department. These employees are often targeted for business email compromise (BEC) attacks that lead to wire fraud and account takeover of financial accounts. The FBI continues to warn of these types of attacks. According to a report from Trend Micro (Security Predictions for 2018), that company expects this type of fraud to hit $9 billion in global losses in 2018.
On the plus side, only 6% of the employees compromised were at the executive level. The report’s explanation is that lower-level employees typically don’t have as much cybersecurity training and therefore fall victim more often.
Account takeover is a good way for cybercriminals to get the information they need. That’s because phishing email messages often make it past all of the perimeter and other security tools that may be in place in an organization. These tools aren’t always able to detect if an email message is phishing. The cybercriminals have become that good at making these look authentic, especially when they are crafted with targeted details that the recipient may believe to be true.
The pressure is on for businesses to keep on top of this threat. The best way to do this is with continual awareness training and education for all employees on how to detect recent security threats and, more importantly, how to avoid becoming the next victims.