Cyber attackers are known to move with the times. They observe trends in society, analyse demographics and build strategies that help them achieve their malicious intent. As attackers' strategies advance, cyber defenders are also becoming better at identifying these strategies and are coming up with methods to combat such cyber-attacks. This motivates attackers to devise strategies that can deceive even such sharp minds. One such example is malware-less emails.
With the changing times, attackers have started sending malicious emails that do not contain malware. According to statistics for the year 2018, phishing emails increased by 40.9%. Of these phishing emails, 90% were malware-less. 32% of the email traffic was judged clean and was delivered to the inbox. This makes two-thirds of the emails unclean. These emails impersonate a legitimate identity or company in order to trick organizations into revealing confidential information. These attacks use imitation login pages, fake requests as well as malicious links.
Why are attackers using malware-less attacks?
Email security solutions are becoming focused on detecting malware, and this has been one of the biggest reasons for attackers to deploy attacks that are malware-less.
What kinds of malware-less attacks are deployed by attackers?
Attackers are aware of the increasing cyber awareness amongst organizations, and hence they have started disguising these attacks in the form of:
C.E.O. fraud: In C.E.O. fraud, or business email compromise, the attacker impersonates the C.E.O. or a senior executive of the organization. Attackers then manipulate employees and can compel them to carry out unethical and malicious activities.
Whaling: Whaling is a form of phishing attack that targets high-profile employees such as the C.E.O. or C.F.O. for the purpose of stealing sensitive information.
Spear Phishing: Spear phishing is an email scam that targets an individual, organization or business. The attacker impersonates a legitimate identity and redirects the victim to phishing pages.
Credential Harvesting: To extract a large number of credentials for reuse, attackers use DNS poisoning, phishing as well as other attack vectors.
W2 Scams: In this form of scam, attackers extract an organization's W2 files, which can provide them with information about current as well as past employees that usually belong to the accounting department. The information includes the name, job title and contact information of at least one member of the upper management.
How can organizations protect themselves against such attacks?
Encrypt files that contain sensitive information.
Limit the number of employees who have access to classified information.
Organizations should train their employees through a cyber security training and awareness program.
Use prevention and mitigation tools to protect your organization from malicious entities.