5 Email Campaigns Evading In-Market Security Solutions

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Email Campaigns Evading In-Market Security Solutions-6 Next

Verify Campaign

In this campaign, attackers sent emails to unsuspecting employees, informing them of incorrect and missing details in their accounts with Bank of America. The emails, which appeared to have legitimately come from Bank of America, contained an attachment called Verify.html. When victims opened the attachment, they were rerouted and asked to provide additional personal information. After a victim filled out the information and submited the form, the information was then sent to an attacker-controlled IP hosted in Iran.

Email is still the primary attack vector for many cybercriminals. In addition to malicious attachments and URLs, credential phishing is also on the rise and placing everyday users at the root of the attack. Why? Cybercriminals are using advanced attack methods that are consistently evading traditional detection tools. As such, organizations are beginning to realize that these advanced attacks can only be detected through multi-dimensional behavioral analytics that operate on diverse data sources and use a full spectrum of machine learning techniques.

Over a two-month period, security analytics firm Niara worked with customers to analyze email traffic and found a number of malicious email campaigns that sophisticated attackers were using to circumvent traditional defenses in order to gain a foothold within the enterprise and steal sensitive information. This slideshow presents five of the malicious email campaigns detected. Niara has also identified the tools, techniques and procedures used in each, which can be used to determine if your organization has been targeted by any of these campaigns.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.