Email Account Takeover: Defending Against Lateral Phishing
Accellis Technology Group’s trusted partner, Barracuda, has released Volume 2 of its Spear Phishing: Top Threats and Trends report, Email Account Takeover: Defending Against Lateral Phishing. Barracuda defines lateral phishing as an effective way for attackers to leverage legitimate accounts compromised through email account takeover. The report takes an in-depth look at the latest tactics scammers use and how to protect your business.
According to a joint study by Barracuda, UC Berkeley and UC San Diego, in an email account takeover attackers use legitimate enterprise email accounts they have compromised to send lateral phishing emails to close contacts within the organization and to partners at other organizations. Because these lateral phishing emails come from legitimate email accounts, they can bypass many existing email protection systems and fool end users.
The study, spanning over 100 organizations, takes a detailed look at the dangerous nature of these attacks and analyzes the different strategies that attackers use.
- 1 in 7 organizations experienced lateral phishing attacks
- 11 percent of attacks successfully compromised additional employee accounts
- 42 percent of the lateral phishing incidents do not appear to have been reported by a recipient to the organization’s IT or security team
- 55 percent of the attacks in the study target recipients with some personal or work relationship to the hijacked account
- 63 percent of the lateral phishing incidents used generic and commonplace messages
- 37 percent tailored their content to be more enterprise-oriented or highly specific to the victim organization
- Roughly one-third of email account takeover attacks in our study engaged in additional behavior designed to make their lateral phishing emails stealthier or more convincing
Top 10 Most Common Words Used in Lateral Phishing Emails
- Document (89 incidents)
- View (76 incidents)
- Attach (56 incidents)
- Click (55 incidents)
- Sign (50 incidents)
- Sent (44 incidents)
- Review (43 incidents)
- Share (37 incidents)
- Account (36 incidents)
- Access (34 incidents)
Timing of Attacks
- A full 98 percent of the lateral phishing incidents occurred during a weekday.
- 82 percent of lateral phishing attacks were sent by an attacker during the compromised account’s typical working hours.
How to Defend Against Lateral Phishing
- Security Awareness Training – Security awareness training for end-users regarding lateral phishing email attempts will help make these attacks less successful. Since lateral phishing attacks are sent from a legitimate—but compromised—account, users can often still carefully check the destination URL of any link before they click it to help identify a lateral phishing attack.
- Advanced Detection Techniques – With lateral phishing attacks becoming increasingly difficult to detect, organizations should invest in advanced detection techniques and services that use artificial intelligence and machine learning to automatically identify phishing emails.
- Two-factor authentication – To help mitigate the risk of lateral phishing, use strong two-factor authentication (2FA), such as a two-factor authentication app or a hardware-based token if available.
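The detection recommendation above can be illustrated with a simple triage heuristic that a security team could run over internally sent mail: it scores a message on the report's top-10 lure words and on whether a message from one of the organization's own accounts points the reader at an outside site. This is an added example, not code from Barracuda or the report; the `example.com` domain and the three sample messages are constructed for the demonstration.

```python
import re
from dataclasses import dataclass

# Top 10 words from the report, lower-cased so stems match "attached", "shared", "signed", etc.
LURE_WORDS = {"document", "view", "attach", "click", "sign",
              "sent", "review", "share", "account", "access"}
INTERNAL_DOMAIN = "example.com"  # assumed organization domain (placeholder)
URL_RE = re.compile(r"https?://([^/\s]+)", re.IGNORECASE)


@dataclass
class Message:
    sender: str
    subject: str
    body: str


def is_internal(address: str) -> bool:
    """True if the address belongs to our own domain (exact match or a subdomain)."""
    host = address.rsplit("@", 1)[-1].lower()
    return host == INTERNAL_DOMAIN or host.endswith("." + INTERNAL_DOMAIN)


def lure_hits(text: str) -> list:
    """Lure words whose stem appears in the text, sorted for stable output."""
    tokens = set(re.findall(r"[a-z]+", text.lower()))
    return sorted(w for w in LURE_WORDS if any(t.startswith(w) for t in tokens))


def external_hosts(text: str) -> list:
    """Link hosts in the text that do not belong to our own domain."""
    hosts = {h.lower() for h in URL_RE.findall(text)}
    return sorted(h for h in hosts if not is_internal("x@" + h))


def assess(msg: Message) -> dict:
    """Flag internal-origin mail that combines lure vocabulary with a link to an outside site."""
    text = f"{msg.subject}\n{msg.body}"
    hits, hosts, internal = lure_hits(text), external_hosts(text), is_internal(msg.sender)
    flagged = internal and bool(hosts) and len(hits) >= 2
    return {"sender": msg.sender, "internal_sender": internal,
            "lure_words": hits, "external_hosts": hosts, "flagged": flagged}


# Constructed sample messages: one lateral-phishing lure, one benign note, one lure text with no link.
SAMPLES = [
    Message("alice@example.com", "Document shared with you",
            "Please review the attached document. Click here to view and sign: "
            "http://docs-share-login.invalid/view"),
    Message("bob@example.com", "Lunch?",
            "Want to grab lunch at noon? See https://intranet.example.com/menu"),
    Message("carol@example.com", "Account access", "Your account access has been sent."),
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(assess(m))
```

Messages that are flagged should be routed to the security team for review rather than auto-blocked, since the 42 percent non-reporting figure above shows recipients alone cannot be relied on to surface these.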
Click here to see the full Barracuda: Defending against lateral phishing report
Do you have questions on how to protect your organization from lateral phishing and spear-phishing attacks? We want to help! Fill out the form below and a cybersecurity expert will reach out at your earliest convenience to answer your questions.