Phishing attacks usually target executives. These attacks are focused on high-ranking targets with extensive system access. However, this seems to be changing. Researchers from Avanan have discovered that almost half of all phishing emails analyzed in recent months were designed to impersonate non-executives.

Moreover, more than three quarters (77%) of them targeted employees at the same level. This is a significant departure, and allows those behind phishing campaigns access to a larger number of victims. It is simple to see why this shift in focus has occurred.

Avanan researchers summarize it as follows:

"Security administrators might be spending more time giving extra attention to C-Suite, but hackers have adjusted. Non-executives also have financial access and sensitive information. Hackers realized that they don't need to reach the top of the food chain."

Hackers and scammers are increasingly relying on DocuSign email spoofing to gain access.

Here is what you need to know. DocuSign is a legitimate platform for digitally signing documents. A scammer creates a fake DocuSign document, then sends an email asking the recipient to update direct deposit information.

Although the spoofed DocuSign request appears legitimate, there is an important distinction. A genuine DocuSign email will NOT ask for login credentials, but the spoofed ones will. This is how hackers steal those credentials.

This approach is hard to spot due to the sheer volume of business email messages that are sent daily. It's easy to forget the difference, which is why it has been so successful. Make sure that your employees are aware of this threat and vigilant about it. A moment of negligence could prove costly.

What businesses can do to reduce phishing emails

What would you guess is the number of phishing emails that are being sent each day worldwide?

If you guessed fewer than three billion, you would be wrong. On average, three billion are sent per day. This is both frightening and depressing.

It's easy to believe that there is nothing you can do to lower your exposure or avoid getting phishing emails. But the truth is that there are some things you can do.

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. This is a fancy way to say that only authorized senders can send emails from a particular domain. It helps prevent spam and also serves as a reporting tool.

DMARC enforcement effectively eliminates domain spoofing. This means that emails spoofing the domain will never be delivered.

Is this a good approach? According to the most recent statistics, domains that do not have DMARC are almost five times more likely to be targeted by phishing emails than those with it.

Alexander Garcia-Tobar, CEO of Valimail, puts it this way:

"Privacy laws exist in Europe and in parts of the United States. If a company does business in these areas, a DMARC policy is necessary to enforce them. Companies can protect their customers and themselves by having valid email authentication. Emails can be sent without authorization, there are fines, confidential information is obtained, and reputations are damaged."

This policy is simple and makes perfect sense. You should immediately apply DMARC to domains that you control if you haven't already. The more domains that have DMARC in place, the less effective phishing emails become. That's something everyone except hackers can agree on.
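
Publishing a DMARC record is not the same as being at enforcement, so it is worth checking what the TXT value at _dmarc.<domain> actually asks receivers to do. The following is an added example, not part of the original article: the function names and sample records are constructed, and the tag names and defaults follow RFC 7489.

```python
# Added example: classify a DMARC TXT record by the protection it gives (RFC 7489 tags).

def parse_dmarc(txt):
    """Return the record's tags as a dict, or None if it is not a valid DMARC record."""
    tags = []
    for part in txt.strip().strip('"').split(";"):
        if not part.strip():
            continue                         # tolerate a trailing ';'
        name, sep, value = part.partition("=")
        if not sep:
            return None                      # malformed tag
        tags.append((name.strip().lower(), value.strip()))
    if not tags or tags[0] != ("v", "DMARC1"):   # v=DMARC1 must come first
        return None
    return dict(tags)

def assess(txt):
    """Return (status, explanation) for one TXT value from _dmarc.<domain>."""
    if not txt:
        return "missing", "no DMARC record: no policy tells receivers to block spoofed mail"
    tags = parse_dmarc(txt)
    if tags is None:
        return "invalid", "record does not parse as DMARC and will be ignored"
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid", "missing or unknown p= tag"
    if policy == "none":
        return "monitor-only", "p=none only reports; failing mail is still delivered"
    pct = tags.get("pct", "100")             # default: policy covers all mail
    if not pct.isdigit():
        return "invalid", "pct= is not a number"
    if int(pct) < 100:
        return "partial", f"policy applied to only {pct}% of failing mail"
    sub = tags.get("sp", policy).lower()     # subdomains inherit p= unless sp= is set
    if sub == "none":
        return "partial", "sp=none leaves subdomains unenforced"
    return "enforced", f"p={policy} applied to all failing mail"

SAMPLES = {  # constructed records for illustration
    "a.example": "v=DMARC1; p=reject; rua=mailto:dmarc@a.example",
    "b.example": "v=DMARC1; p=none; rua=mailto:dmarc@b.example",
    "c.example": "v=DMARC1; p=quarantine; pct=25",
    "d.example": "v=DMARC1; p=reject; sp=none",
    "e.example": "",
}
if __name__ == "__main__":
    for domain, record in SAMPLES.items():
        status, why = assess(record)
        print(f"{domain:10} {status:13} {why}")
```

Only the records reported as "enforced" instruct receivers to quarantine or reject mail that fails authentication for the domain and its subdomains.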

Integrated Technology Systems is here to assist small and medium size companies with protection from phishing campaigns and other threats to your network. Contact us today for a complete review of your system and policies.