Cybercriminals masquerading as MFA vendors

Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE.

Attachment-based malspam is on the rise

• Financial institutions (48%) are still the most targeted sector by a wide margin.
• Insider attacks now take on average 85 days to contain – up from 77 days the previous year.
• The most common phishing links are compromised websites (52%), newly registered domains (39%), and subdomain cybersquatting (9%).

The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links. Not to be forgotten, the technologically static attachment still is a popular nesting ground for malicious scripts and macros. Also, the US overtook Russia as the top spam originator among VIPRE customers. However, look with scrutiny: most of the world’s servers are in North America, so you can’t always take a US IP at face value.

“It’s one thing to get a siloed view from a single customer. It’s another to get a year’s worth of data from thousands of email clients across the globe,” said Usman Choudhary, chief product and technology officer at VIPRE. “You can speculate about emerging threats all you want, but the facts don’t lie.”

“It takes international resources, experienced analysis, and enterprise-level technology that only an experienced email security provider can offer to create a report like this. We know the experience we have in this space is unique, and the SME community might not get this type of information elsewhere, at least not on the scale or with the scope that we can offer it and we’re pleased to make this valuable resource available.”

Emerging email-based threats

To combat emerging email-based threats, VIPRE’s report highlights four recommendations that will enable businesses and their employees to fortify themselves against opportunistic email attacks:

Cybercriminals are posing as MFA vendors. Think twice before you open Push notifications: Black Hats are jumping on the security bandwagon and posing as White Hat technologies. Accept a Push from the app only and beware of texts and pop-ups.

Watch for an uptick in job-related spam. Cybercriminals know you (and everyone else) are looking for remote jobs and willing to interview online. Know the signs of fraud and how to keep professional platform interactions above-board.

Spotify outranked Microsoft as the most spoofed brand. Stay leery when renewals time comes around: You’re not the only one with the date on your calendar. Even though it’s not a haul, cybercriminals are happy to get paid via a subscription-based model.

As-a-Service models are out-of-control. Get ready for even more shotgun-spray attacks as the underground as-a-Service economy makes it easier than ever for novices to become bad guys. With a lower bar to entry, more will play, and SMBs will be at the top of beginner’s hit lists.