Cyberattacks launched against the enterprise which makes use of the HTTPS protocol are increasing alongside spoofing and cloud-based threats, new research suggests.
According to FireEye’s Q1 2019 Email Threat report, released on Tuesday, there has been a 26 percent increase in the use of malicious URLs made to appear legitimate through HTTPS, quarter-on-quarter, while the popularity of the traditional malware-laden email attachment is steadily falling.
“This indicated malicious actors are taking advantage of the common consumer perception that HTTPS is a “safer” option to engage on the Internet,” FireEye says.
HTTPS is an updated version of HTTP which makes use of encryption and a security certificate which is validated by your browser on request when visiting a website implementing the system. Services including email providers, banks, and e-retailers will use the protocol which has now become synonymous with trustworthiness and legitimacy.
However, unsavory web developers are able to use HTTPS, too, through free, stolen, or fake security certificate issuers.
The report, based on the analysis of 1.3 billion emails, further suggests that phishing attacks have risen by 17 percent over Q1 2019. In total, almost 30 percent of all detections impersonate well-known brands including Microsoft, OneDrive, Apple, Amazon, and PayPal.
Nested emails, too, are appearing on the radar with increased frequency. Attackers send a phishing email which contains another email as an attachment, and it is the second message which contains malicious content. This technique, whilst not always successful, can make the detection of malware more difficult.
In addition, file-sharing services are being used more frequently in cyber attacks against the enterprise. The report says there has been a “dramatic increase” in the use of such services — including Google Drive and Dropbox — to deploy malicious payloads during phishing campaigns.
Business Email Compromise (BEC) scams have historically often involved spoofed emails and messages which impersonate the chief executives of companies to elicit funds from victim firms or to gain an entryway into corporate networks. According to FireEye, threat actors are now increasingly striking payroll departments by requesting changes to an executive’s personal information — which may include bank details — as well as through targeting weak links in the supply chain, such as by impersonating a supplier while in communication with an AP department.
“We’re seeing new variants of impersonation attacks that target new contacts and departments within organizations,” said Ken Bagnall, VP of Email Security at FireEye. “The danger is these new targets may not be prepared or have the necessary knowledge to identify an attack. Unfortunately, once the fraudulent activity is discovered, the targeted organization thinks they’ve paid a legitimate invoice when the transaction was actually made to an attacker’s account.”
Fortune 100 passwords, email archives, and corporate secrets left exposed on unsecured Amazon S3 server
Fortune 100 passwords, email archives, and corporate secrets left exposed on unsecured Amazon S3 serverSome of the world’s biggest companies have had 750GB worth of their innermost secrets revealed on unsecured Amazon S3 buckets, available for anybody to download – no...
New Microsoft Excel Attack SurfacesResearchers have identified a security hole in Microsoft Office’s Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems. A feature in Microsoft Office’s Excel spreadsheet program called Power...
2nd Florida City Pays Hackers, as 3rd City Faces BreachA second small Florida city this month has paid hundreds of thousands of dollars to hackers who took over most of its computer operations, an official said Wednesday, while a third Florida city said its data was...
Stay Up to Date With The Latest News & Updates
Join Our Newsletter
Get weekly tech updates and immediate alerts when there is a zero-day or security issue!