Researchers have combed through 25 million emails and found a new method of attack that blends two previously seen attack types combined into a single attack. A cybercriminal needs to overcome two basic hurdles to infect a machine: First, they need get past any security solutions that inspect attachments looking for signs of maliciousness. Second, they need to get users to click on said attachment. If you can do both of these things, you have yourself a pretty good chance of infection.
Thus far, we’ve only seen attacks that do one or the other well, or use two completely separate tactics to accomplish this. But, according to research from security vendors Glasswall and Forcepoint, a new attack method effectively combines these two tactics into a single attack. Dubbed evasive spear phishing, involves both very targeted spear phishing campaigns using contextual details that indicate a fair amount of diligence and sophisticated malware delivery mechanisms that leverage older Office filetypes.
According to the research, nearly half of all attacks are targeting Technology firms, with developers as the potential victim, likely looking for intellectual property. For each industry, there is a victim demographic, demonstrating that these attacks are not opportunistic, but are laser focused on trying to access and steal very specific kinds of information.
Organizations need to empower users to act as the last line of defense against evasive attacks designed to keep from being detected by security solutions.
Security Awareness Training educates users on how to spot suspicious emails – even when they are designed to look contextually accurate for the target victim.
A new category of attack should be a warning that the bad guys are stepping up their game and are working to leverage the weakest (and last) link in the chain – your users. Take note and be ready.
