Email Account Takeover and Lateral Phishing Attacks Increase Risk to Enterprises

The latest method of attack uses sender familiarity to lower victim defenses and increase the potential for scams, attacks, or fraud to succeed.

The goal of a phishing attack is to get the potential victim to take an action desired by the attacker – clicking a link, opening an attachment, providing credentials, etc. What better way to convince a victim to do so than by sending the email from someone they regularly correspond with?

That’s the premise of the growing trend of lateral phishing attacks. According to new research from security vendor Barracuda, one of the growing trends is the leveraging of compromised email from one user to spread an attack to other users via additional phishing emails.

According to the report:

• 1 in 7 organizations have experienced email account takeover attacks
• 60 percent of attacked organizations had multiple compromised employee accounts used to send lateral phishing attacks
• 55% of targets have a personal or work relationship to the hijacked account
• Nearly all attacks occur during normal work hours
• One-third of attacks used stealth techniques such as responding to replies and actively deleting traces of email conversations

Users today can no longer assume that emails even coming from people they know are legitimate. With two-thirds of the emails used in these scams containing generic content, users can be taught using Security Awareness Training to scrutinize the email’s content and to use a different medium to contact the sender to validate the email message.