An Introduction to The Attack Types
Email attacks can be very complex, government-sponsored, credential-phishing-based zero-day attacks. Or they can be as simple as a faked invoice.
They can come from a malicious script running in an Excel document. Or a simple fund request from a relative who happens to be a Nigerian prince.
For awareness purposes here are the most important threats that you need to be aware of. It’s worth stating in advance, we won’t go too deeply into the technical aspects of the threats and tools as they likely serve no one besides IT admins, security strategists, or developers. The objective is to highlight the basics of the attack to enable you to be aware of what you need to look out for.
419 Scams and Romance Scams
“I’m a prince. And I need your help getting my money.”
One of the older scams around, this classic involves conning a susceptible victim into believing that they will receive a big payoff if they send the “prince” a few hundred dollars to help them unlock their money.
In a similar vein, romance scams aim to extract money from lonely victims who have been led to believe they have found true love and even a (very pretty) bride. In both cases the criminal sends out bulk spam emails and expects only a very small response rate. But with this spray and pray approach there are always a few who will take the bait.
Phishing Attacks
Phishing is the number one entry or starting point for most cyber threats today.
It is probably the most important attack to pay attention to. Most people will assume that they know enough about 419 scams to feel secure. With phishing, there is a large variety of vectors, with criminals using many social engineering techniques to get past even the most cynical eyes. Phishing, as the name implies, is the process of baiting the recipient, in this case with an email, to get the user to give up confidential information. Two major forms of phishing are Spear Phishing and Whaling or Business Email Compromise.
Spear Phishing
Targeting individuals based on research, impersonating either a brand or other known entity, with the goal of acquiring confidential information or installing spyware.
Business Email Compromise, CEO Fraud, Whaling
Similar to Spear Phishing, in that it is generally well researched, this form of fraud is targeted at senior management, often using legal language, urgency or other tactics, to obtain payments or credentials, or to install malware.
These scams are not reserved for any individual groups, and have been applied to a wide range of targets. Phishing is an especially menacing threat. Many of the major breaches and cyber attacks that began with an email began with a phishing email.
Zero Day and Other Trojans
Zero Day Attacks are a prime example of how email security threats can have dire implications far down the line. A malicious email starts off a string of events, whether via a URL or an attachment, and the resulting malware hides unseen on your computer or network. It can be active or dormant for months or years, and in that time the criminals can extract your data without you knowing it. This can be information about your business or data on your customers such as credit cards, social security information and more. By the time you catch the malware the damage is done, entirely because, in the case of a zero-day, the publisher is not aware of the vulnerability or the availability of an exploit until after the attack occurs.
Ransomware
Ransomware is probably the most well known of the email security threats.
This is likely due to the headlines it makes, though few people would probably think of it as an email-based threat. Whether through an attachment, a malicious link or a phishing email, it is most often an email that leads to the infection. The victims will unknowingly download something, or click through to a malicious website. The end result is that the victim will be locked out of their computer and their data until they pay the ransom, pay the consultants or, if they’re lucky, figure out a way to recover their data through other methods. The FBI advises victims not to pay ransoms, even though not paying can be very painful and expensive.
The reason they advise against it is that:
1) there is no reason to trust that any criminal will restore your data,
2) the ransomware might by default have erased your data,
3) it encourages further attacks.
The best preventative measure against ransomware is to back up, back up and back up again. If your data is obfuscated by a criminal for any reason, you will at least have your backup available.
Other Malware
There’s a whole slew of other malware, viruses, spyware and more that can be a threat to you and your organization, but the basic awareness of the above is sufficient to give you the confidence to understand the key vectors that make email dangerous.
Attacks are in a constant state of evolution. Some, like romance or 419 scams, still exist in their near original form. But for criminals to ensure effectiveness of attacks, they need to evolve to take advantage of holes in their victims’ security. For this reason, after understanding the attacks that criminals might launch, it is essential to understand the primary tools they will use for the wide range of potential attacks.