VIP phishing scams proliferated during fourth-quarter 2018, a period when people used email to gather online shopping receipts, shipping notifications, returns and holiday greetings, according to a study by INKY Technology Corporation.
Of the schemes studied, 12% took the form of VIP phishing attacks. These can be partly attributed to the “virtualization of corporations and the dispersal of staff,” the study states.
Ten percent of assessed phishing attacks were sender forgery and 6% were corporate email spoofing. In addition, 73% fell into the mixed bag category, which includes false invoices, voicemail or fax notifications with malicious attachments, and season's greetings from the boss, accompanied by malicious downloads.
The corporate emails usually feature the name of a CEO or finance professional. These are often sourced from corporate filings or social media sites.
Some have headers such as “From: Mark Zuckerberg <email@example.com>”.
In addition, the email addresses feature terms such as “CEO” or “exec” to sound official.
Many have a signature that seems to suggest they were sent from a mobile device, implying the sender is unreachable by phone.
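The three traits described above (an executive's name on an outside address, "CEO" or "exec" in the address, and a mobile-device signature) can be checked mechanically on inbound mail. The sketch below is an added example, not code from the INKY study; the organization domain, the VIP roster, the function name and the sample messages are all constructed assumptions.

```python
import re
from email.utils import parseaddr

# Assumed inputs (hypothetical): the organization's own mail domains and VIP roster.
ORG_DOMAINS = {"corp.example"}
VIP_NAMES = {"jane doe", "sam lee"}

# Terms the article names as appearing in the forged address.
TITLE_TERMS = re.compile(r"ceo|exec", re.I)
# Signature line implying the sender is on a phone and cannot take a call.
MOBILE_SIG = re.compile(r"^\s*sent from my (iphone|ipad|android|mobile)", re.I | re.M)

def normalise(name):
    """Lower-case a display name and collapse punctuation to single spaces."""
    return " ".join(re.sub(r"[^a-z ]", " ", name.lower()).split())

def vip_phish_signals(from_header, body):
    """Return the VIP-impersonation traits found in one message."""
    display, addr = parseaddr(from_header)
    local, _, domain = addr.lower().rpartition("@")
    external = domain not in ORG_DOMAINS
    shown = normalise(display)
    signals = []
    # An executive's name shown on an address outside the organization.
    if external and any(vip in shown for vip in VIP_NAMES):
        signals.append("vip-name-external-domain")
    # "CEO" / "exec" placed in the address itself to sound official.
    if external and TITLE_TERMS.search(local):
        signals.append("title-term-in-address")
    # Mobile signatures are common in legitimate mail, so this only
    # counts as corroboration when another trait is already present.
    if signals and MOBILE_SIG.search(body):
        signals.append("mobile-signature")
    return signals

# Constructed sample messages (From header, body).
SAMPLES = [
    ("Jane Doe <jane.doe.ceo@mailbox.example>",
     "Are you at your desk? I need a wire sent today.\n\nSent from my iPhone"),
    ("Jane Doe <jane.doe@corp.example>", "See attached.\n\nSent from my iPhone"),
    ('"Sam Lee (CEO)" <office@freemail.example>', "Please call the bank."),
    ("Pat Kim <pat@vendor.example>", "Invoice attached.\nSent from my Android"),
]

if __name__ == "__main__":
    for header, text in SAMPLES:
        print(header, "->", vip_phish_signals(header, text) or "no VIP traits")
```

These are display-level heuristics for routing a message to review; they do not replace SPF, DKIM and DMARC checks on the sending domain.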
Another classic form is sender forgery. "This type of attack perseveres as contacts maintain personal and professional emails," the study states.
Often contacts "cycle through Gmail, Yahoo and other popular mail providers, making it difficult to distinguish a legitimate message from a phishing attack," the study states.
“Phishing attacks remain one of the largest threat vectors as cybercriminals have increasing access to sophisticated toolkits through the Dark Web and the human element remains the most porous aspect of cybersecurity,” states Dave Baggett, CEO of INKY.
He adds: “Even the most informed and vigilant members of an organization that take extra measures to practice proper cybersecurity posture can fall prey to phishing attacks that are becoming indistinguishable from legitimate channels of communication.”