The Israeli anti-email phishing solution company IRONSCALES published a report, which states that spear-phishing attacks have become much more focused. A lot of recent campaigns are aiming mostly at a small number of inboxes, which belong to the targeted organizations.
For a year, IRONSCALES has analyzed data from 500,000 inboxes of more than 100 of its clients. Out of 8,500 emails that managed to bypass spam filters, 77% targeted only 10 inboxes or less, and 1/3 of the messages targeted only one particular inbox. According to experts, attackers have been targeted fewer inboxes as their campaigns have a bigger chance to remain undetected if they use “hyper-personalized” emails.
Moreover, a study conducted by the anti-email phishing company showed that 65% of the attacks lasted up to 1 month, and almost 50% only lasted for less than a day. Out of the attacks which lasted more than 1 month, roughly 1/3 spanned across a year or longer.
The researchers also noticed that attackers have increasingly aimed blast campaign at less than 10 inboxes at a time. Malware drip campaigns, however, which are tailored to the recipient, have a much bigger chance at going around spam filters and usually last longer.
The IRONSCALES`s report also shows that almost 95% of the phishing are a part of campaigns which rely on messages that impersonate someone from the organizations. Emails which feature the name of popular brands are more likely to be detected by spam filters and that’s why they are less common. IRONSCALES states that for every 5 brand-using attacks that were caught by spam filets, 20 spear-phishing messages were able to bypass them. The most spoofed brands are Google and DHL and the most targeted departments are finance and operations.
“Sophisticated email phishing attacks represent the biggest threats to organizations of all sizes.” – said the founder and CEO of IRONSCALES, Eyal Benishti – “This report verifies that attackers have adopted numerous tools and techniques to circumvent traditional rules-based email security and spam filters. It’s now incumbent upon all organizational leaders to make sure that their employees are well-trained in phishing mitigation and that the cybersecurity technology in place is sophisticated enough to identify, verify and remediate email phishing attacks in real-time.”