View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Middle-managers hit by shapeshifting hackers

Cybercriminals adopt new tactics to thwart education efforts.

By

Hackers are shifting their attacks to middle-managers in a bid to steal more cash from corporations, according to the security vendor Proofpoint.

Despite starting last year reliant on social media lures, the cybercriminals were found orienting their campaigns towards business and financial access, with schemes involving social media falling by 94%.

Kevin Epstein, VP of advanced security and governance at Proofpoint, said: "The only effective defence is a layered defence, a defence that acknowledges and plans for the fact that some threats will penetrate the perimeter.

"Someone always clicks, which means that threats will reach users."

In further evidence of a move away from opportunistic campaigns, the hackers behind the campaigns investigated by Proofpoint were found finely adapting their strategy to hit the intended target.

The vendor found the hackers had upped their use of attachments, e-fax and voicemail, and were also sending their messages to correspond to when targets were sending and receiving lots of emails.

Even though cybersecurity staff persistently warn about spam messages, one in 25 of the malicious emails found by Proofpoint had their links clicked.

Content from our partners
Unlocking the value of artificial intelligence and machine learning
Behind the priorities of tech and cybersecurity leaders
Corporate ransomware attacks: It’s only a matter of when, not if

Departments like sales, finance and procurement were also said to be 50-80% more likely to click on bad links than other parts of the business.

"Every company still clicks; every department and industry is still at risk (though financial industries and sales and marketing continue to be the top target areas)," Proofpoint said.
"Attackers continue to shift tactics to play on human weaknesses as they siphon money and data from organisations."

The company argued that workers’ training in spotting previous signs of malicious emails had been undermined because of the development of new tactics.

Among the tactics used to steal credentials was a phishing page that spoofed Microsoft Outlook Web Access, a widely used remote login system for email.

"The central lesson of 2014 for CISO’s [chief information security officers] is that while user education may have an impact, attackers can always adapt and adjust their techniques more rapidly than end-users can be educated," Proofpoint said.

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU