How to prepare for the latest email impersonation attacks
Cyber-criminals are using more sophisticated tactics, including email impersonation attacks. These social engineering attacks rely on human psychology rather than traditional technical hacking techniques: they manipulate users into divulging confidential information by impersonating a trusted party.
Even with the highest levels of security, businesses can be left exposed if an employee is tricked into clicking on a malicious link from a supposed Facebook friend, LinkedIn connection or even a C-level executive. Increasing awareness has never been more important. A recent Mimecast report revealed a 400% rise in email impersonation attacks in the last quarter.
Common Impersonation Attacks
Social networking sites have facilitated social engineering attacks. Cyber criminals are taking advantage of sites like LinkedIn to create lists of company employees and gather detailed information. This increases the credibility of attacks.
Common impersonation approaches include:
- Emails from a friend: if a cyber-criminal compromises an email account, they gain access to all of that account's contacts. They can then send messages to those contacts asking them to click on a link, download a file or respond to an urgent request for help.
- Phishing attempts: these messages ‘appear’ to come from a legitimate company, bank, school or institution. They often explain that there is a problem and ask you to ‘verify’ information by clicking on a link.
- High-level executive requests: often referred to as ‘whaling’, these messages appear highly credible and impersonate senior level executives requesting a wire transfer or data transfer.
When it comes to email impersonation, social engineers leverage both fear and curiosity. This makes detection more difficult unless a user is alert to them. Awareness is therefore the number one defensive measure.
Top Tips to Protect against Email Impersonation Attacks
- Educate and inform employees: train users on how to recognise impersonation emails and avoid falling victim to them.
- Take a step back: spammers want you to act first and think later. If a message conveys a sense of urgency, don’t be pressured – take a step back and review the situation.
- Research the facts: be suspicious of unsolicited messages. If an email appears from a genuine company, do your own research. Use a search engine to visit their website or a phone directory to find their phone number, rather than clicking on links.
- Make faking messages difficult: use customised stationery and unique identifiers in messages to make it more difficult for cyber-thieves to copy.
- Invest in email security: use advanced email gateway technology to identify and quarantine suspicious messages based on sender names, domains and keywords. Install anti-virus software, firewalls and email filters and keep these up to date.
- Review existing processes and procedures: consider separating duties and changing authentication and approval methods by adding a second signature or lowering the value required for secondary approval.
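The gateway checks described above (sender names, lookalike domains and pressure keywords), as an added Python example that is not part of the original article or any vendor product. The internal domain, the protected executive names and the keyword list are assumed policy values, and the sample message is constructed for the demonstration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed policy (assumed values): the organisation's own domain, the
# executives most likely to be spoofed, and pressure phrases seen in whaling.
INTERNAL_DOMAIN = "example.com"
PROTECTED_NAMES = {"jane doe": "jane.doe@example.com"}
URGENCY_WORDS = ("urgent", "wire transfer", "immediately", "confidential")

def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike domains (examp1e.com)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(raw_message):
    """Return the reasons a message looks like an impersonation attempt."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    reasons = []
    # Executive's display name paired with an address that is not theirs.
    expected = PROTECTED_NAMES.get(display_name.strip().lower())
    if expected and address.lower() != expected:
        reasons.append("display-name impersonation")
    # External sender domain within two edits of our own domain.
    if domain and domain != INTERNAL_DOMAIN and edit_distance(domain, INTERNAL_DOMAIN) <= 2:
        reasons.append("lookalike domain")
    # Replies silently redirected to a third address.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != address.lower():
        reasons.append("mismatched Reply-To")
    # Pressure language typical of whaling and payment-diversion requests.
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    if any(word in text for word in URGENCY_WORDS):
        reasons.append("urgency keywords")
    return reasons

# Constructed sample message, not a real email.
SAMPLE = """From: Jane Doe <ceo.office@examp1e.com>
Reply-To: payments@mail-example.net
Subject: Urgent wire transfer

Please process this wire transfer immediately and keep it confidential.
"""
print(classify(SAMPLE))
```

A gateway would quarantine or tag a message that triggers one or more of these reasons and route it to the security team for review, rather than delivering it unchanged.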
Social engineering attacks are on the rise. Through a combination of awareness, technology and better internal systems and processes, it is possible to reduce the risks and protect your business from financial and data loss.