sb-as logo
Story image

Cyber criminals turn to Gmail and AOL to advance attacks

Cyber criminals are using increasingly sophisticated means, with the latest example of this being official email services used to impersonate and scam 6,600 organisations in 2020.

According to email security firm Barracuda Networks, cyber criminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and business email compromise attacks.

In their most recent threat spotlight report, Barracuda researchers observed that 6,170 malicious accounts that have used Gmail, AOL and other email services, have been responsible for over 100,000 BEC attacks which have impacted nearly 6,600 organisations.

Furthermore, since April 1 these ‘malicious accounts’ have been behind 45% of all BEC attacks detected, the researchers state.

Essentially, cyber criminals are using malicious accounts to impersonate an employee or trusted partner, and send highly personalised messages for the purpose of tricking other employees into leaking sensitive information, or sending over money.

The report finds that cyber criminals' preferred choice of email service for malicious accounts is Gmail, which accounts for 59% of all email domains used by cyber criminals.

Yahoo, is the second most popular, accounting for just 6% of all observed malicious account attacks.

Researchers at Barracuda also observed that most malicious accounts (29%) are used for less than 24-hour periods – most likely to avoid detection and suspensions from email providers.

However, it’s not unusual for cyber criminals to return and re-use an email address for an attack after a long break.

Having analysed attacks on 6,600 organisations, Barracuda researchers found that in many cases, cyber criminals used the same email addresses to attack different organisations.

The number of organisations attacked by each malicious account ranged from one, to a single mass scale attack that impacted 256 organisations - 4% of all the organisations included in the research.

Similarly, the number of email attacks sent by a malicious account ranged from one to over 600 emails, with the average being only 19.

Barracuda Networks VP of Email Protection Michael Flouton says, “The fact that email services such as Gmail are free to set up, just about anyone can create a potentially malicious account for the purpose of a BEC attack.

“Securing oneself against this threat requires organisations to take protection matters into their own hands - this requires them to invest in sophisticated email security that leverages artificial intelligence to identify unusual senders and requests.

“However, no security software will ever be 100% effective, particularly when the sender appears to be using a perfectly legitimate email domain. Thus, employee training and education is essential, and workers should be made aware of how to manually spot, flag and block any potentially malicious content.”

Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Story image
Zscaler and CrowdStrike release integrations for end-to-end security
This collaboration between the two cloud-native security companies provides joint customers with adaptive, risk-based access control to private applications.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More
Story image
Financial malware activity dropped in 2020 as creators honed their wares
Cybercriminals used the time to plan more malicious propagation techniques, both new and evolved from previous methods.More
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More
Story image
O365 a weak point ripe for exploit, say security professionals
71% of more than 1,000 security professionals have been on the receiving end of a Microsoft 365 account takeover, on average, seven times in the last year alone.More