The word ‘impersonation’ refers to the act of pretending to be another person, typically for the purpose of fraud. Impersonation attacks are a form of cyber-attack in which attackers send emails that impersonate an individual or a company in order to gain access to sensitive and confidential information. One of the most common forms of impersonation attack is CEO fraud, also known as business email compromise (BEC).
To date, a 70% rise has been observed in the number of impersonation attacks.
Globally, BEC attacks caused $12.5 billion in financial losses within a single year, with businesses losing valuable data, customers and money in the process.
Over the past 12 months, 94% of organizations have experienced phishing attacks, and 45% of them have witnessed a visible increase in spear-phishing attacks carrying malicious URLs.
Over one-third of organizations saw an increase in the number of attackers trying to gain access to sensitive and confidential information, including the theft of intellectual property or login credentials, via email-based spoofing.
Impersonation attacks are a form of social engineering in which attackers use manipulation to obtain information. They require the attacker to do background research on the intended victim. A successful impersonation attack takes place in three steps:
- Targeting the victim
The most important step in deploying a successful impersonation attack is doing background research on the probable victim. In today's connected world, finding someone's personal information is not a difficult task. Social networking platforms such as Facebook, Instagram and Twitter are some of the sources that can provide a victim's personal information.
- Trust building
Once the attacker gets his hands on the required information, the next step is to build a relationship of trust with the victim. The attacker will impersonate someone who knows the victim.
- Deploying the attack
Once the attacker has built a relationship of trust with the victim, the attack is deployed using one of three main tactics:
Registering a Look-alike Email Domain
The attacker can register an email domain that is similar to the actual email domain and create a new email ID using a name that is similar to the name of the person who is being impersonated.
Manipulating the Display Name
The majority of mobile email clients display only the sender's name, which makes it very easy for the attacker to edit the display name and manipulate the victim. In desktop email clients, however, both the display name and the email address of the sender are shown, so this tactic is much less successful there.
Using a Free Email Account
Attackers send messages from free email accounts such as Gmail or Yahoo. The sender claims that the impersonated person has been locked out of their official account and needs immediate help to get a task done.
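As an added illustration that is not part of the original post, the following Python triage check examines an email `From:` header for the three tactics described above: a look-alike domain, an executive's display name on an outside address, and a free webmail provider. The organisation domain, the executive list and the set of free-mail providers are constructed assumptions for the example.

```python
import re
from email.utils import parseaddr

# Assumed organisation context (constructed for this example, not real data).
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}
FREE_MAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}


def edit_distance(a, b):
    """Levenshtein distance between two strings, used to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,          # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_sender(from_header):
    """Return the list of impersonation indicators found in a From: header value."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    flags = []
    if domain == ORG_DOMAIN:
        return flags  # genuinely internal; nothing to flag here
    # Tactic 1: look-alike domain (e.g. examp1e.com, example.co, example-corp.com)
    if domain and (edit_distance(domain, ORG_DOMAIN) <= 2
                   or ORG_DOMAIN.split(".")[0] in domain):
        flags.append("lookalike_domain")
    # Tactic 2: display name of a known executive on an address that is not theirs
    norm = " ".join(re.sub(r"[^a-z ]", "", name.lower()).split())
    if norm in EXECUTIVES and addr.lower() != EXECUTIVES[norm]:
        flags.append("executive_display_name")
    # Tactic 3: message sent from a free webmail provider
    if domain in FREE_MAIL:
        flags.append("free_mail_provider")
    return flags


if __name__ == "__main__":
    # Constructed sample headers covering each tactic.
    for hdr in ("Jane Doe <jane.doe@example.com>",
                "Jane Doe <jane.doe@examp1e.com>",
                "Jane Doe <janedoe.ceo@gmail.com>",
                "Newsletter <news@vendor.net>"):
        print(hdr, "->", check_sender(hdr))
```

A mail gateway or SIEM rule would feed real `From:` values into `check_sender` and route anything with a non-empty result for review.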
What can be done to avoid such impersonation attacks?
Providing cyber security awareness and training to employees
Organizations should take the initiative to provide proactive cyber security awareness training to their employees. Cyber security awareness and training tools such as ThreatCop enable employees to learn about cyber-attack methodologies and the different ways in which these attacks can be deployed against them.
Building cyber resilience strategy
It is important to build a cyber resilience strategy that can help in enhancing the cyber security of the organization including email domain security, web security, network security, endpoint security as well as data backup and recovery.
Business Contingency Plan
Each business must formulate a business contingency plan in case the organization suffers an unexpected event or situation. The purpose of a business contingency plan is to establish a strategic framework and response for recovering from a cyber incident.
With the increasing sophistication in the attack methodologies, it has become vital for organizations to adopt security measures against cyber-attacks. Cyber security companies like Kratikal provide state-of-the-art cyber security products and services for boosting an organization’s cyber immunity against probable cyber threats.