• Menu
  • Solutions
  • Partners
      Partner Program
      Reseller
      MSP
      Become a Partner
      Deal Registration
  • Gatelab
  • Insights
      News
      Resources
  • Company
      About us
      Careers
  • Contact
    Demo
Solutions
Partners
Partner Program Reseller MSP Become a Partner Deal Registration
Gatelab
Insights
News Resources
Company
About us Careers
Contact
Demo
Check out the key points from Europol's spear phishing report

Updated at: Nov 08, 2019

By Gatefy

Check out the key points from Europol's spear phishing report

Europol has released a new cybersecurity report, this time specifically on spear phishing. Yes, spear phishing scams are multiplying. By the way, spear phishing is defined as a targeted phishing scam. That is, it targets specific people within a company. The goal is to steal confidential information or distribute malware, such as ransomware.

In the report "Spear Phishing, a Law Enforcement and Cross-Industry Perspective", Europol says that "spear phishing is still one of the most common and most dangerous attack vectors seen by both law enforcement and industry".

The European Agency document is the result of a partnership involving more than 70 companies and organizations from different areas, from financial institutions to information security companies. In it, Europol highlights the concern and increase of spear phishing scams, defining the attack operation modes, giving security recommendations and citing cases as an example.

Carbanak and Cobalt malware

Speaking of examples, the document begins with the story of the arrest in 2018 of a cybercriminal group leader responsible for spear phishing scams using Carbanak and Cobalt malware. In recent years, the group has caused estimated losses of more than EUR 1 billion. Their way of acting was well defined.

“The group targeted ATM networks and financial transfers around the world by sending spear phishing emails with malicious attachments to bank employees”, explains Europol.

After machines were infected with malware, criminals stole money in 3 ways: money transfer, inflating account balances and controlling ATMs. Then, to launder the money, avoiding tracking, the stolen amounts were converted into cryptocurrencies.

Phishing: untargeted and targeted attacks

According to the report, about 65% of cybercriminal groups use spear phishing as a way to hack businesses and organizations. The document also points out that phishing is responsible for about 32% of breaches and is involved in 78% of cyberespionage incidents. In addition, 48% of the malicious files used in email phishing scams are Office files.

“Phishing can be the vector for fraud, extortion, espionage or other malicious cyberattacks. It is an attack with a variety of sophistication and purpose used by malicious actors ranging from script kiddies and fraudsters to serious organised criminal groups and nation states”, says Europol.

The agency also claims that phishing attacks are becoming increasingly sophisticated. Worse, they have been marketed through ready-made phishing kits, which makes them accessible for any cybercriminal, including those without a technical background.

In the report, there is a distinction between 2 types of phishing.

1. Untargeted phishing campaigns

Untargeted phishing campaigns are mass attacks that “aim to reach as broad an audience as possible with the goal of tricking recipients into clicking a link, opening a malicious attachment, disclosing sensitive information or transferring funds”.

2. Targeted spear phishing attacks

As its name suggests, targeted spear phishing attacks are focused campaigns that use a lot of social engineering techniques. “A great deal of knowledge about the targets (and target environments) makes social engineering highly effective and means that a smaller number of attacks can lead to a much greater damage overall”.

How spear phishing scams work

The success of spear phishing scams is directly linked to the human factor. That is, the cybercriminal must fool at least one employee of the company for the attack to succeed. It means that the more information he has about the victim, the company, employees, partners and customers, the better. This is why social engineering is so present in spear phishing cases.

Europol explains that there are, basically, 2 ways for a company to be hacked through phishing attacks. The first is by receiving, for example, a phishing email from an external domain. The second is an internal infection, meaning a phishing email is sent from an address that belongs to the organization. These cases, of course, are the most complex and difficult to detect.

BEC (Business Email Compromise)

BEC scams are examples of attacks sent from within the company itself. In most cases, attackers gain access to an employee's email account and use it for spear phishing scams.

“BEC is often aimed at convincing employees to transfer large sums of money to the criminal’s bank account, making use of the fact that an email coming from a trusted address – in many cases from a high-ranking staff member, such as the CEO – are typically met with little scepticism and significant trust. BEC has also been used to passively monitor an organisation’s activity for the purposes of intelligence gathering”, explains Europol.

Phishing features and how to identify fraud

The agency says that the most common phishing vector is email. And these messages often contain malicious URLs and files. In addition, they have other features, such as display name spoofing, imitation of legitimate email addresses, hidden links in text and images, and a sense of urgency. Cybercriminals will do their best to trick the victim into thinking it is a legitimate message.

According to the agency (and also the Gatefy team), the best defense against phishing scams involves the use of solutions that detect and block such threats, such as email security software. But not only that. It's also important to invest in security awareness. That is, employees need to acknowledge scams and report them.

Spear phishing report

If you would like to check out the full report, click here.


Latest posts

Main points of comparison between Brazilian LGPD and European GDPR

Main points of comparison between Brazilian LGPD and European GDPR

LGPD and GDPR determine how companies must handle and process such data, what rights the information owners have and what penalties apply if the rules are breached.

Tips to spot Black Friday scams.

5 tips to spot Black Friday scams

Black Friday is coming and that means the attractive pricing season has begun. Unfortunately, however, the Black Friday arrival also raises concerns.

Tricks used in emails to deliver malware

5 tricks used in emails to deliver malware

The combination of malware and email is a dangerous one. These terms are closely related to each other since email is the main malware vector.

Related posts

Phishing email: Your Amazon is being suspended Ransomware named top 2019 cyber threat, according to Europol A USD 26 billion scam, according to the FBI Check out the main cyberwarfare incidents from the past year Do you know how much a data breach can cost your business?
Back to News
Get the latest news and
reports about cybersecurity
Ready to get a free threat
assessment for your business?

Follow us

Follow us

Like us

Solutions Gatefy Email Protection Email Encryption Email Continuity DLP
Partners Partner Program Reseller MSP Become a Partner
Company About Us Careers Gatelab Contact
Shortcuts Support News Resources Partner Portal
Miami - USA
Tel +1 305 425 9040
Curitiba - BR
Tel +55 41 4042 8280
English ▾
Português
  |   sitemap   |   documentation   |   legal   |   © 2018 Gatefy - todos os direitos reservados