Over 90 Percent of Targeted Attacks start with Spear Phishing Emails

Companies must improve email security with better threat detection and superior “custom” defenses, urges Trend Micro

Category:

Marlow UK, 28th November 2012 – A staggering 91 percent of targeted attacks begin with a spear phishing email, according to new data collected by global security leader Trend Micro between February and September this year.

Spear phishing is an increasingly common form of phishing that makes use of information about a target to make attacks more specific and “personal”. These attacks may, for example, refer to their targets by their specific name, rank, or position instead of using generic titles as in broader phishing campaigns.

The end goal is to trick the victim into either opening a malicious file attachment or clicking a link to a malware- or an exploit-laden site, starting a compromise within the victim’s network.

According to the report, “Spear Phishing Email: Most Favored APT Attack Bait,” 94 percent of targeted emails use malicious file attachments as the payload or infection source. The remaining 6 six percent use alternative methods such as installing malware through malicious links.

"We fully expect to see a resurgence of malicious email as targeted attacks expand and evolve”, said Rik Ferguson, director of security research and communications at Trend Micro. “Experience has shown us that criminals continue to abuse tried and trusted methods to directly leverage intelligence gathered during the reconnaissance for targeted attacks. We have also seen that targeted attacks are evolving and expanding. The abundance of information on individuals and companies makes the job of creating extremely credible emails far too simple. It's a part of a custom defence that should not be ignored."

Notable highlights from the report:


Trend Micro offers “first line of defense” email security against spear phishing attacks
Organisations must be able to detect and block spear phishing attempts as their first line of defense against targeted attacks. As part of its Custom Defense against APTs launch in October, Trend Micro bolstered its suite of email security solutions to not only stop traditional threats, but also to identify highly targeted, acute email attacks.

Unlike standard email security solutions that are unlikely to detect spear phishing emails associated with APTs, Trend Micro’s email security products automatically send suspicious attachments to Deep Discovery for analysis in customer-defined sandboxes and block spear phishing emails in-line. Beyond email threat detection and protection, Deep Discovery automatically issues custom security updates to other security layers throughout the organisation’s network. Moreover, it correlates local findings with Trend Micro’s global threat intelligence - to offer security teams valuable info on the nature and extent of the attack, and who is behind it. This custom insight enables organisations to better respond and protect against further attack.

Trend Micro’s email security products that are equipped with spear phishing protection include:


The full report, “Spear Phishing Email: Most Favored APT Attack Bait,” is available here.
More information on targeted attacks in this video.


About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.

For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.