Cybercriminals are targeting finance teams with attacks designed to intercept their emails and divert client payments into the hackers’ bank accounts, according to new research.
bluedog Security Monitoring has noted a 22% increase in the second quarter of the year in phishing attacks which aim to hijack email accounts. It says every single company is now being targeted at least once a week and in some cases, employees are receiving five or six such emails a day.
“Once the attackers get inside a mailbox, they can see the type of work the person does from the messages within it,” said Tim Thurlings, CTO of bluedog.
“They can then change the mailbox settings and set up a ‘forward and delete’ rule. That means any emails the employee sends out are automatically forwarded to the hacker who can then amend the bank account number or insert a request to change the payment details before sending on to the victim.
“It is difficult if not impossible for victims to detect a fraudulent email like this as it looks to all intents and purposes as if it has come from the company’s address. And as the original email is automatically deleted from the sender’s mailbox, there is no record of what has happened, unless you have some type of security monitoring in place.”
bluedog has also detected a rise in brute force attacks, usually automated attacks where the ‘robot’ tries repeatedly to guess the employee’s Microsoft 365 log-in. Again, fraud is the main driver. It says 66% of companies it monitors have been subjected to these in the second quarter, up from 48% in the first three months of year. In total, around 8% of companies have been successfully breached.
Copyright © 2018 RegTech Analyst
