This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
A new study from security firm Tessian highlights the sophisticated techniques employed by threat actors to evade detection and trick employees. Between July 2020-July 2021, two million malicious emails bypassed traditional email defenses, like secure email gateways, placing many employers at risk of data breach and cyber fraud.
According to the study, retail industry was targeted far more than any other industry, with the average employee in this sector receiving 49 malicious emails a year. This is significantly higher than the overall average of 14 emails per user, per year. Employees in the manufacturing industry were also identified as major targets, with the average worker receiving 31 malicious emails a year.
The most common technique employed by the attackers was display name spoofing (19%), where the hacker modifies the sender’s name and disguises themselves as someone the victim recognizes. Domain impersonation, where the attacker sets up an email address that looks like a legitimate one, was used in 11% of threats discovered. The brands most likely to be impersonated were Microsoft, ADP, Amazon, Adobe Sign, and Zoom.
Threat actors also targeted employees in the legal and financial services industries through account takeover attacks. In this method, the malicious emails come from a trusted vendor or supplier’s legitimate email address. The
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Employees in Retail Industry Most Frequently Targeted by Malicious Emails, New Study Reveals