Social engineering cyber attacks up considerably in Q1: FireEye
There has been a significant increase in social engineering attacks globally in the first quarter of 2019, the intelligence-led security company FireEye said on Tuesday, adding that spoofed phishing attempts, HTTPS encryption in URL-based attacks and Cloud-based attacks focused on publicly hosted, trusted file-sharing services are on the rise.
There has been a 26 per cent increase in malicious URLs using HTTPS, a 17 per cent rise in phishing attempts, significant increase in file-sharing service exploitation, and new impersonation techniques in Q1, said the "FireEye Email Threat Report" that analyzed a sample set of 1.3 billion emails.
"Threat actors are doing their homework. We're seeing new variants of impersonation attacks that target new contacts and departments within organizations," said Ken Bagnall, Vice President of Email Security at FireEye.
"The danger is these new targets may not be prepared or have the necessary knowledge to identify an attack. Unfortunately, once the fraudulent activity is discovered, the targeted organization thinks they've paid a legitimate invoice, when the transaction was actually made to an attacker's account," Bagnall said in a statement.
A typical phishing email impersonates a well-known contact or trusted company to induce the recipient to click on an embedded link, with the ultimate goal of credential or credit card harvesting.
During the Q1, the top spoofed brands across these activities included Microsoft, with almost 30 per cent of all detections, followed by OneDrive, Apple, PayPal and Amazon, each within the 6-7 per cent range.
In 2018, FireEye reported that URL-based attacks had overtaken attachment-based attacks as a means of delivery. This trend continued in Q1.
"Notably, FireEye saw a 26 per cent quarter-over-quarter increase in malicious URLs using HTTPS. This indicated malicious actors are taking advantage of the common consumer perception that HTTPS is a 'safer' option to engage on the Internet," said the company.
Cloud-based attacks, particularly those leveraging file-sharing services, increased in the first quarter.
"Analysis of Q1'19 emails showed a dramatic increase in links to malicious files posted to popular and trusted file-sharing services, such as WeTransfer, Google Drive and OneDrive. Dropbox was the most commonly used," the findings showed.IANS