FireEye Email Threat Update: How Attackers are Getting Ahead in the Cloud
Cyber security is one of the biggest topics of discussion in the world of technology today, specially when it comes to the security of the content we have on our clouds. Attackers are constantly adapting their tactics to get past email security defenses. Bad actors are following where the money goes, with an arsenal of tools at their disposal. That’s why as companies migrate to the cloud, we see more attackers exploiting cloud services to perpetrate their attacks.
At the GITEX 2019 event, FireEye has released its latest email threat update. The summary of their research is as follows –
Attackers Are Getting Ahead in the Cloud: As companies continue migrating to the cloud, bad actors are abusing cloud services to deploy phishing attacks. Some of the most common tactics include hosting Microsoft-themed phishing pages with Microsoft Azure, nesting embedded phish URLs in documents hosted on popular file sharing services, as well as establishing phishing URL redirects on popular email delivery platforms.
Microsoft Continues to Be the Most Popular Brand Used in Phishing Lures: A typical phishing email impersonates a well-known contact or trusted company to induce the recipient to click on an embedded link, with the ultimate goal of credential or credit card harvesting. During the evaluated period, FireEye saw Microsoft- and Office 365-themed phishing attacks increase by 12% quarter over quarter, as Microsoft continues to be the most popular brand utilized in phishing attacks, with 68% of all phishing detections.
Entertainment/Media/Hospitality Most Targeted Vertical: Q2 saw a shakeup in the most targeted vertical industries. Entertainment/Media/Hospitality has stolen the number one spot from Financial Services, which dropped to number two. Other highly targeted verticals for email-based attacks include Manufacturing, Service Providers, Telecom, State & Local Government, Services/Consulting, and Insurance.
Its clear, from this little pointer, that we need to take concrete steps to keeping our presence online, as safe as possible.