Ingenious imitation, fake GDPR notices and phishing on behalf of internet giants found in email threats aimed at businesses

Woburn, MA – March 25, 2019 — /BackupReview.info/ — According to Kaspersky Lab’s report on spam and phishing in 2018, the company’s products blocked 120 million attempted attacks on businesses through malicious emails last year. The research found that fraudsters put more effort into imitating genuine business communications, disguising themselves as large internet companies and taking advantage of global business trends like GDPR.

In many cases, corporate email is the first gateway to an organization’s IT infrastructure. For cybercriminals, tricking employees with phishing emails is one of the most effective and efficient ways to instigate a breach.

Kaspersky Lab’s research revealed a number of key trends in phishing communications targeting businesses last year. Fraudsters are using highly detailed malicious messages, designed to mimic an authentic piece of communication, such as a real letter from a bank or accounting firm. These often contain a genuine logo, name and title of a real employee, as well as attachments not typically used by spammers (such as ISO, IQY, PIF, and PUB) so as to bypass security solutions.

Additionally, global internet companies were the biggest corporate victims of phishing threats in 2018, with 24 percent of attacks made against web portals. The most common companies that criminals posed as in their phishing emails were Microsoft, Facebook and PayPal.

In the second quarter of 2018, when companies all over the world were busy adopting GDPR, Kaspersky Lab observed an increase in the number of spam and phishing emails connected to this legislation. Scammers attacked financial organizations by sending GDPR-related phishing emails to their customers, asking them to update their login credentials. When a user clicked on the link, they were redirected a fake bank page. Once they entered their credentials, these were sent directly to the fraudsters.

“As email continues to be the most popular method of corporate communications, it remains a tempting target for criminals,” said Sergey Martsynkyan, head of B2B product marketing, Kaspersky Lab. “Social engineering continues to deceive, and, as the statistics show, criminals remain highly active in using it to infiltrate systems. Preventive measures, such as educating employees about cyberthreats, are extremely important, but businesses should also ensure they have specific protection on their mail servers and mail gateways.”

To stay protected against spam and phishing threats targeting corporate email, Kaspersky Lab recommends the following tips for businesses:

  • Educate employees to always double-check the URL of any links in emails or messages from an unfamiliar sender, and check the sender’s email address before clicking anything or opening attachments.
  • Show employees how to recognize fake or insecure websites, and remind them to never enter their credentials before checking a website’s credibility.
  • Introduce security awareness initiatives, including gamified training with repetition of simulated phishing attacks.
  • Use a dedicated security solution for the corporate mail server. To help businesses securely use Exchange Online inside the Microsoft Office 365 suite, Kaspersky Lab offers Kaspersky Security for Microsoft Office 365, which reinforces protection from spam, phishing, malicious attachments and unknown threats that may be spread through emails.

More information can be found in Kaspersky Lab’s full report on “Spam and Phishing in 2018,” available on Securelist.com

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com

Media Contact
Meghan Rimol
Meghan.rimol@kaspersky.com
781.503.2671

Source: Kaspersky Lab

 

 

Related posts:

  1. Kaspersky Lab Finds Fraudulent Facebook Sites Dominate Social Network Phishing in Q1 2018
  2. Over a Quarter of Phishing Attacks in 2014 Targeted Users’ Financial Data
  3. New Kaspersky Endpoint Security for Business Delivers Enhanced Data Protection and Manageability Across All Platforms and Devices
  4. Financial Phishing Accounts for More Than Half of All Phishing Attacks for the First Time
  5. New Kaspersky Security for Microsoft Office 365 Enhances Protection for Exchange Online
  6. Kaspersky Lab Reports Significant Increase in Malicious Spam Emails in Q1 2016
  7. Kaspersky Lab Finds For the Fourth Year in a Row that Login Information is Most Targeted by Malicious Email Spam
  8. Kaspersky Lab Spam and Phishing in Q2 2015 Report: Exploiting World Events and Targeting the Vulnerable with ‘$2 million’ Offers
  9. Kaspersky Lab Finds Phishing Attacks Hit Almost 500 Million Users in 2018
  10. Kaspersky Lab Uncovers New Muddy Water Operation, Targeting Governments in Asia, Europe and Africa

Tags: ,