Aggressive breed of phishing attacks underway: Trend Micro

Claims more than 90 per cent of targeted attacks derived from spear phishing emails

An aggressive breed of phishing attacks is well underway, with 91 per cent of targeted attacks derived from spear phishing emails, according to Trend Micro.

Its recent study, Spear Phishing Email: Most Favored APT Attack Bait, analysed targeted attack data collected between February and September this year.

According to Trend Micro, the finding reinforces its position that these attacks often begin at a very simple point of contact or an exploit-laden site, starting a compromise within the victim’s network. The report also found that 94 per cent of targeted emails use malicious file attachments as the payload or infection source. The remaining six per cent use alternative methods such as installing malware through malicious links that download malicious files. Trend Micro A/NZ senior threat researcher, Jon Oliver, said spear phishing is the first step in the most sophisticated forms of cyber-attack. “Phishing in general has become more sophisticated, with these email attacks significantly increasing in number and maliciousness in 2012. They are now more likely to induce users to click on links and open attachments,” he said.

Oliver added that organisations need to ensure their email infrastructure is as secure as possible, and should educate their users about what email is safe to click on and which attachments are safe to open.

Other findings from the study include:

  • The most commonly used and shared file types accounted for 70 per cent of the total number of spear phishing email attachments during the monitored time period. The main file types were: .RTF (38 per cent), .XLS (15 per cent), and .ZIP (13 per cent).
  • The most highly targeted industries are government and activist groups.
  • Three in four of the targeted victims email addresses are easily found through Web searches or using common email address formats.

2014 ARN Women in ICT Awards - Nominations close October 27!: Nominations have opened for WIICTA 2014 and will stay open until October 27. But don't be late, be among the first in and NOMINATE NOW!!!

Tags findingssecuritytrend microstudyphishing

Comments

Comments are now closed

 

Latest News

02:28PM
NBN Co posts $252 million loss in first quarter
01:44PM
Zellabox named finalist in RBS Innovation Gateway
12:14PM
McAfee targets SMB with new security suites
10:38AM
DataCore inks multi-year Transdev contract
More News
23 Oct
NewLease & Microsoft Technical Sessions
23 Oct
NewLease & Red Hat Breakfast Briefing (Sydney)
29 Oct
NewLease & Microsoft Technical Sessions
30 Oct
Ovum 2020 Telecoms Summit
View all events