Hackers Turn to Shared Aliases in Casting Phishing Attacks—Proofpoint

Technology > Security

Software company Proofpoint revealed that hackers and other cybercriminals are using aliases to hide their identity from authorities / Photo by: David Whelan via Wikimedia Commons


Cybercriminal and hackers are shifting to shared aliases to cast phishing attacks on multiple targets at once, this according to a recent report from security software provider Proofpoint.

Such attacks are easier to conduct and Proofpoint notes that shared alias addresses (eg. sales@company.com) are usually public-facing. They also don't have a multi-factor authentication security feature because of the difficulty of implementing such a feature in shared email addresses, TechRepublic reports.

The Proofpoint report also noted that  "lower-level workers were targeted slightly more heavily than upper-management and executives," citing a trend against "whaling" (attacks that are aimed at executives or people with access to high levels).

According to TechRepublic, hackers attack employees of R&D or engineering 30 times more often than average, which indicates a possible use of phishing attacks as corporate surveillance instead of simply stealing company credentials.

Cybercriminals are reportedly ramping up in changing their targets. The Proofpoint report stated that only 13 percent of "addresses identified as the most highly targeted recipients during the quarter ranked as such in our last report, reflecting attackers' shifting focus."

Meanwhile, banking trojans are still the top threat to corporate security, seeing that the software provider's report indicated 56 percent of malware payloads. Among these payloads, the Emotet family—a malware program which obtains financial information—was estimated as comprising 76 percent of banking trojans in terms of volume.

Emotet is defined as a potent and well-developed malware family. It is deployed with two clusters for better resiliency, and the said clusters don't appear to not have originated from different operators. Attacks of this trojan malware have eventually increased, as per multiple reports from business tech news site ZDNet.

Proofpoint included in their report six strategies that can help organizations protect their systems:

a. Adopt a security posture centered around people.
b. Train users to identify and report malicious email.
c. Believe that users will likely click some threats.
d. Develop a strong, effective defense from email fraud.
e. Protect the organization's brand reputation and customer in channels beyond their ownership.
f. Partner up with a threat intelligence provider.