According to a report from security service provider Proofpoint, the Media Spear Phish method of attacking a business is the most harmful and common email attacks used against businesses across a number of verticals.
The report is based on a survey conducted across various vertical sectors including healthcare, financial and pharmaceutical as well as observing attacks including phishing email attacks, social media exploits and other types of malware attacks.
Following the Media Spear Phish, Breaking News Longline, where a large real-life news story is used by hackers to offer information via email, stood as the second most common email attacks, wherein the attackers used news like the Boston Marathon bombings as the largest malware phishing campaign.
Payment Longline that offers customers with details of orders appearing to be from trusted sources is third most dangerous form of attack.
Proofpoint EMEA Director Mark Sparshott said today’s mobile and remote working habits also means that nearly 1 in 5 clicks on malicious URLs happen off-network, bypassing traditional security controls such as Web Gateways, IDS and Firewalls.
"Hackers know security teams are struggling to bridge the ‘off-network security gap’ and so often prey on this area by sending emails on a Friday evening knowing that some of their targets, particularly senior employees, diligently check their emails over the weekend," Sparshott added.
"Research into disclosed breaches shows that 66% go undiscovered for months with the average hacker spending eight months on a victim’s network before being discovered."
"However with the lack of visibility from the in-house security teams have means that 63% of breaches are disclosed by 3rd parties instead, typically via the press which is particularly damaging on goodwill and customer confidence."
"Whilst the number one focus should be prevention, early detection of successful breaches should not be far behind in the list of priorities."
Other attacks that were used include Watering Hole Attack as well as the Social Network Longline.