Phishing On The Rise, CEOs Most Likely To Be Spoofed

Cybercriminals are shifting tactics and prioritizing phishing-related scams, according to a recent RiskIQ report.

Malvertising activity -- described by RiskIQ as phishing scams, exploit kits, and malware -- has risen 19% since the first quarter, according to the study. Although malvertising overall is on the rise, the use of malware and the use of exploit kits have both decreased over the past quarter. The RiskIQ report suggests that cybercriminals are switching tactics to prioritize phishing-related scams, as phishing has increased 131.36% quarter-over-quarter.

CEO email addresses are the most likely to be spoofed, according to Trend Micro’s 2017 Midyear Security Roundup: The Cost of Compromise report, and CFOs are the most targeted members of an organization. This type of business email compromise (BEC) scam relies on social engineering: cybercriminals pretend to be a company’s CEO to trick the finance department into releasing confidential information.

“Phishers know that CEOs command deep respect,” explains Alexander García-Tobar, CEO and co-founder at ValiMail. “When people get an email that looks like it's from the CEO, they tend to act on it. That's because, in their minds, the risk of not acting on a real CEO email is greater than the off chance that this may be a fake email.”

García-Tobar says this kind of attack is growing because current security methods are not effective against impersonation.

“There's no malware to filter and no keywords to block,” he says. “Only email authentication stops these kinds of attacks.”

ValiMail automates the email authentication process, which helps ESPs differentiate legitimate email from nefarious content and thus block phishing attacks. There are multiple levels of authentication, including SPF and DKIM, but García-Tobar says DMARC is critical to truly protect organizations from email-based fraud.

"Email authentication with DMARC, when set to an enforcement policy, protects CEOs -- and all company employees -- from all impersonation attempts using their domain names," says García-Tobar.

 
