Despite the rise of other means of communication email remains the most commonly used. This makes it attractive to cybercriminals as it offers an entry point to businesses and the gateway that employees rely on to do their jobs.
A new report from Abnormal Security highlights the attacks that we’re likely to see in the next year and shows the need for improved defenses, including the use of AI.
Cryptocurrency fraud tops the list, offering attractive potential to the victim and an easy route to revenue for the attacker. File sharing phishing comes next, using services like Dropbox, ShareFile, and Docusign which offer either free registration or no-charge trials. This allows senders to craft messages that avoid conventional filters because the malicious content isn't directly within the email.
Multichannel campaigns initiates contact through email but then steers the conversation to other channels, such as text messages, phone calls, or third-party messaging apps like WhatsApp or Telegram. This drives a sense of urgency and increases the chance of being able to deceive the target.
Business email compromise (BEC) is an old foe but the rise of AI has made it easier than ever to generate personalized messages that convincingly mimic the writing style of the impersonated individual.
Rounding out the five is account takeover (ATO), possibly the most dangerous email threat that organizations face, as it provides threat actors with unparalleled access to the company’s network and internal systems. It can be initiated using various methods, including phishing, social engineering, password stuffing, or session hijacking via authentication token theft or forgery.
The report warns, "The potency of these attacks lies in their ability to exploit trust. Whether impersonating known contacts, abusing compromised accounts, or weaponizing trusted platforms, attackers manipulate trust to breach defenses at every stage of an attack. The result is a threat landscape in which legacy security solutions, such as secure email gateways, are increasingly ineffective at detecting complex campaigns."
Guarding against these attacks requires a multi-pronged approach including security awareness training, but also incorporating AI to analyze identity, context, and content and build behavioral baselines to understand the organization's unique patterns of communication.
You can read more in the full report which is available from the Abnormal Security site.
Image credit: denismagilov/depositphotos.com