Employees Are Top Targets of Phishing Emails
October 09, 2012
Download the infographic: Covert Arrivals: Targeted Attacks via Employee InboxesIn a world where fast Internet connection is a must for a company, responding to emails from across continents, cities, or cubicles is an easy thing. Unfortunately, this is not only great for real-time office interaction, but also perfect for attackers who have picked spear phishing as their favorite point of attack.
Spear phishing emails usually come posing as legitimate and basic messages employees see day after day. If sent to tired or unknowing recipients who give in to their lure, these messages can easily be the bearers of sophisticated malware designed to lay in stealth while eventually siphoning off sensitive company information.
Notably, most work emails sent daily revolve around sensitive compensation issues, merger and acquisition activities, potential layoffs and reorganizations, product road maps, and budget plans. Attackers can simply draft a message in any of these common contexts and easily gain the attention of its recipient.
It’s also common for malware in spear phishing emails to exploit a vulnerability, drop a file, download a file, or communicate with a remote server—any which way, it can then start to gather information about a company and scour the network for available information for sabotage, espionage, or monetary purposes.
See how email threats work for targeted attack campaigns on this infographic.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Posted in Cyber Attacks, Infographics, Targeted Attacks
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases