Identity Theft Email Attacks Rose In Third Quarter, Study Finds

Identity deception attacks are on the rise — they accounted for 62% of all phishing campaigns from July to September of this year, according to Agari’s Q4 Email Fraud and Identity Deception Trends report.

Brand impersonation campaigns fell 6% from the prior quarter, but emails pretending to be from individuals rose to 22% of all efforts, up from 12% in the same period.

"Malicious emails impersonating well-known brands are generally associated with credentials-harvesting schemes," states Patrick R. Peterson, founder and CEO, Agari. 

Peterson adds that "those spoofing trusted individuals are typically linked to more sophisticated, social engineering-based business email compromise attacks." 

However, there was a 2% decline in attacks launched from hijacked email accounts.

This may be due to the fact that cyber criminal groups are in intelligence-gathering mode in preparation for full-blown business email compromise attacks.

The report also reveals that:

  • Payroll diversions make up 25% of BEC scams, an increase of 5%
  • DMARC (Domain-based Message Authentication Reporting, and Conformance) adoption is up 49% over the past yearHowever, 84% of Fortune 500 companies remain at risk of brand abuse and phishing attacks against customers
  • There was a 6% rise in employee-reporting phishing attacks in the quarter, but false positives rose by 7%



Next story loading loading..