Spoofed email phishing scams can be hard for end users to identify. The scams involve sending a phishing email to a user and making the email appear as if it has been sent by a known individual. This could be a known contact such as a supplier, a work colleague, a friend or family member, or a well-known company.
These phishing campaigns abuse trust in the sender and they are highly effective. Many end users are warned never to click on links in emails or open email attachments in messages from unknown senders, but when the sender is known, many users feel that the email is safe.
One of the most effective spoofed email phishing scams involves impersonation of the CEO or a high-level executive such as the CFO. This type of scam is often referred to as a business email compromise scam or BEC attack. A message is sent to an employee in the accounts department requesting an urgent wire transfer be made along with the account details. The attacker may first start an email conversation with the target before the request is made. No employee wants to refuse a direct request from the CEO, so the requested action is often taken.
Over the past few months, sextortion scams have grown in popularity with cybercriminals. Sextortion scams are those which threaten to oust the victim unless a payment is made. This could be disclosing the user’s internet browsing habits (dating sites, adult sites) to a spouse, work colleagues, and family members. There were many of these scams launched following the hacking of the Ashley Madison website when details of users of the site were dumped online.
Several sextortion scams have been detected in the past few months which claim that the sender (a hacker) has gained access to the user’s computer and installed malware that provided access to the webcam, microphone, and internet browsing history. The email message informs the recipient that they have been recorded while viewing adult websites and a video of them has been spliced with the content they were viewing at the time. The attacker threatens to send the video to every one of the user’s contacts on email and social media accounts.
Two recent sextortion campaigns have been detected that spoof the users own email address, so the email appears to have been sent from their own email account. This tactic backs up the claim that the attacker has full control of the user’s device and access to their email contacts. The reality is the email header has just been spoofed. Additionally, the user’s password is included in the message, which has been obtained from a past data breach. The password may not be current, but it may be recognized.
A check of the bitcoin wallet address included in the emails for the blackmail payment shows these scam emails have been highly effective and several victims have paid up to avoid being outed. One campaign netted the attacker $100,000 in one week, another saw payments made totaling $250,000.
These spoofed email phishing scams are not difficult to block, yet many businesses are vulnerable to these types of attacks. Security awareness training for employees is a must. If employees are not taught how to check for spoofed email phishing scams, they are unlikely to recognize threats for what they are. Even so, it is difficult for an average employee to identify every possible phishing attempt, as phishing email simulations show.
What is needed is an advanced spam filtering solution that can detect spoofed email phishing attacks and block the malicious emails at source to prevent messages from being delivered to inboxes. SpamTitan Cloud, for instance, blocks more than 99.9% of spam and phishing emails to keep businesses protected.
If you want to keep your business protected and prevent these all to common spoofed email phishing attacks, give the TitanHQ team a call. A member of the team will be happy to talk about the product, the best set up for your organization, and can arrange to give you a full product demonstration and set you up for a free trial.