Sharp rise in cyber impersonation and CEO email spoofing attacks
Amid the global furore over high-profile cyber espionage, businesses and individuals have to contend daily with increasing cyber criminality and CEO email spoofing.
In line with the uptick in ransomware, impersonation attacks have become a common way for cybercriminals to extract money from unsuspecting Internet users.
Impersonation attacks are basically phishing attacks in which a cybercriminal uses the name of a CEO, executive, employee or business partner in order to get sensitive information from victims. A recent Mimecast report has highlighted a whopping 400% increase in impersonation attacks worldwide.
Notably, these impersonation emails often don’t contain malware and rely on conning recipients into sending money or data that ultimately exposes the end user.
Impersonation attacks are basically phishing attacks in which a cybercriminal uses the name of a CEO, executive, employee or business partner in order to get sensitive information from victims
Leveraging personal data in the public realm
Unsurprisingly, hackers trawl social media sites such as Facebook, Twitter, and LinkedIn for key personal details that enable them to compose highly believable emails and messages.
By learning about a CEO’s leadership and communication style, for example, or mimicking a company’s sales team, hackers are able to compose emails that can easily dupe unsuspecting employees, clients or business associates. Indeed, familiarity leads to critical mistakes in today’s digital realm.
Such attacks have been on the rise for some time…
A recent public service announcement issued by the Federal Bureau of Investigation (FBI) stated that between October 2013 and December 2016, business email compromise scams resulted in a total loss of more than $5.3 billion US dollars.
To date, statistics reveal that there are 4,3 billion email addresses in the world – and people have two email addresses, on average. Worryingly, 90% of attacks start with an email. It’s simply the easiest way in.
Worryingly, 90% of attacks start with an email. It’s simply the easiest way in
For businesses and individuals, the lesson here is to always be on high alert for emails and messages that are even slightly out of the norm.
In addition, it is critical that security systems are consistently monitored and updated in order to guard against impersonation attacks and the various other methods being employed by hackers and criminals.
Prevention is key!