Avanan, a cloud security risk-management platform specializing in the protection of email, messaging, and file-sharing, released its “Global Phish Report 2019”. The report analyzes more than 55,000,000 emails sent to Office365 and GSuite for evidence of phishing attacks.
The report gives enterprise businesses a peek behind the curtain of the current techniques fraudsters use to conduct successful phishing attacks. According to the report, they should be paying attention. There is currently a trend towards email phishing attacks, and it is unlikely to abate anytime soon.
“Over the past decade, phishing attacks have become the most widespread email threat to organizations around the globe,” the report states.
Office365 Security Tools Inadequate
The key finding of the report is the number of holes in Office 365’s detection of phishing emails. The data shows the fraud prevention tools native to the program could not identify 30.5% of phishing attacks. That means nearly 1 in 3 phishing emails were successfully delivered to the recipient’s inbox.
In addition, the report highlights the use of “obfuscation” by fraudsters. This technique involves “obfuscating” malicious URL links — meaning changing them to the point Office365 does not recognize them. This gives thieves the option of using known malicious links, often used in large-scale fraud attacks such as “NoRelationship” and “BaseStriker”.
“One in every 99 emails is a phishing attack, using malicious links and attachments as the main vector” the report states. “Of the phishing attacks we analyzed, 25% bypassed Office 365 security, a number that is likely to increase as hackers design new obfuscation methods that take advantage of zero-day vulnerabilities on the platform”
A Breakdown of “Phishing Vectors”
The report also provides merchants with a breakdown of the current ways fraudsters conduct these kinds of attacks and the most common indicators to look for in order to detect them, including:
- Spearphishing. Targets employees with access to financial records and accounts.
- Extortion. Blackmails employees with the release of personally embarrassing information.
- Credential Harvesting. Uncovers the usernames and passwords needed to enter key accounts.
The report stresses the need for enterprise businesses to take the problem seriously. According to the data presented, an over-reliance on the native fraud prevention tools in email clients leaves businesses vulnerable to attacks.
“Phishing attacks are becoming increasingly sophisticated and difficult for humans and machines alike to detect”, the report states. “Employees are bombarded with spearphishing, extortion, credential harvesting, and malware attacks. Yet Office 365 and Gmail cannot reliably bloc emails containing malicious language, links, or attachments.”