Report: 91% of all bait attacks conducted over Gmail

by admin 0 Comments

Enterprise

Products You May Like

Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

According to a report from Barracuda, 35% of organizations were targeted and had an average of three employee email accounts impacted by bait attacks; also, 91% of all bait attacks were conducted over Gmail.

Bait attacks (also known as reconnaissance attacks) are a class of threats utilized by malicious actors looking to gather information from potential victims. The goal of bait attacks is to confirm the existence of a victim’s email account, if the message is not returned as undeliverable, or to engage in a conversation with the intent to collect information for future attacks. The initial messages are often very short or completely empty. Because these emails have very little content and are often sent from reputable email services, it is difficult for conventional phishing detectors to defend against them.

If the past year has shown us anything, it’s that anyone is susceptible to bait attacks, just as they are to other email threats. In a previous report, Barracuda found that the average organization is targeted through 700 or more social engineering attacks each year. These kinds of attacks are only becoming more targeted and personalized, making them increasingly difficult to detect.

Pie graph. Top sending email domains for bait attacks. 91% of attacks occur in Gmail, and 9% occur everywhere else.

To defend against these kinds of attacks, security teams should implement AI detection methods. They should also train their users to recognize and report bait attacks to their IT and security teams, displaying real examples in security awareness training and attack-simulation campaigns to better prepare employees to identify and respond appropriately.

Most importantly, security teams should not let bait attacks sit inside users’ inboxes. Once a bait attack is identified, it is critical to remove it immediately, before the message can be opened or given a response. This will help to prevent any further activity from the threat and lessen the odds of becoming a target.

Researchers from Barracuda analyzed bait attack patterns in September 2021 from 10,500 organizations.

Read the full report by Barracuda.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

This article was originally published by Venturebeat.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

iOS 19 Development Reportedly Begins at Apple for 2025 Release; Said to Be Codenamed Luck
NPCI Brings QR Code-Based UPI Payments to UAE in Partnership With Network International
Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool
Google Pixel 9 Alleged Hands-on Video Shows Off Pink Colour Variant With Rounded Corners
Samsung One UI 6 Watch Beta for Select Galaxy Watch 5, Galaxy Watch 4 Models Reportedly Released

Leave a Reply

Your email address will not be published. Required fields are marked *