
Massive Phishing Attack Launched from High Cost, “Legitimate” Infrastructure

Unlike normal phishing attempts, the IP addresses, servers, and domain names used by the hackers appear to be leased and therefore legitimate.

By CBR Staff Writer

Predictive e-mail defense company Vade Secure said it has uncovered a new wave of phishing attacks that targeted 550 million email users globally in Q1 of 2018, pushing incidents of phishing past malware attacks on its trackers.

The rise in phishing attacks has been well reported, and such attacks are typically launched from pirated websites. As Vade notes, however, for this attack the IP addresses, servers, and domain names used by the hackers appear to be leased and therefore legitimate.

“Because the cost of the infrastructure is high, amounting to several tens of thousands of dollars, the attack is most likely being undertaken by a serious criminal organization”, the company said, adding that in order to jam detection tools, the hackers have used tools to shorten URLs and link several hundred URLs together, in order to hide the ultimate destination address.
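A mail filter can treat the redirect chain itself as a signal instead of relying on the reputation of the first link. The following is an added example, not code from Vade Secure or the original article; the hop limit, the stand-in shortener host names and the sample redirect tables are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed policy values and stand-in shortener hosts (not from the article).
SHORTENERS = {"s1.example", "s2.example"}
MAX_HOPS = 10        # stop following after this many redirects
MAX_SHORTENERS = 1   # more than one shortener hop in a chain is flagged


def analyse_chain(start, redirects, max_hops=MAX_HOPS):
    """Follow redirects from `start`; return (verdict, reasons, chain).

    `redirects` maps URL -> Location target. It is a constructed table so the
    example runs offline; a real resolver would issue one sandboxed request
    per hop with automatic redirect following disabled.
    """
    chain, seen, reasons = [start], {start}, []
    url = start
    while url in redirects:
        if len(chain) - 1 >= max_hops:
            reasons.append(f"more than {max_hops} hops, destination unresolved")
            break
        url = redirects[url]
        chain.append(url)
        if url in seen:
            reasons.append("redirect loop")
            break
        seen.add(url)
    hosts = [(urlsplit(u).hostname or "").lower() for u in chain]
    short_hops = sum(h in SHORTENERS for h in hosts)
    if short_hops > MAX_SHORTENERS:
        reasons.append(f"{short_hops} shortener hops stacked")
    return ("suspicious" if reasons else "ok"), reasons, chain


# Constructed sample data.
BENIGN = {"http://s1.example/a": "https://shop.example/sale"}
STACKED = {"http://s1.example/b": "http://s2.example/c",
           "http://s2.example/c": "http://landing.example/quiz"}
LONG = {f"http://hop{i}.example/r": f"http://hop{i + 1}.example/r"
        for i in range(300)}

if __name__ == "__main__":
    for start, table in [("http://s1.example/a", BENIGN),
                         ("http://s1.example/b", STACKED),
                         ("http://hop0.example/r", LONG)]:
        verdict, reasons, chain = analyse_chain(start, table)
        print(verdict, len(chain) - 1, "hops", reasons)
```

A chain that hits the hop limit is reported as unresolved, so the message can be held or rewritten without the filter ever walking all several hundred links.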

The phishing attack attempts to steal users’ bank account details by offering them a coupon or discount in exchange for participating in a quiz or online contest.

“The emails masquerade as popular brands, online streaming services, and telecom operators based on the country of the recipients. Examples include Canada Pharmacy in the US, as well as Orange and Carrefour in France. Moreover, the content of the messages is adapted according to the local language.”

An example of one of the phishing emails.

As a result, the attack was not detected by many existing email security solutions, the company said, adding that it validates findings from Gartner that “advanced threats are easily bypassing the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used.”




Lately, malware and ransomware have garnered the lion’s share of media attention thanks to a string of high-profile attacks, including the Quant Loader trojan, the resurgence of WannaCry, and the ransomware attack that crippled the city of Atlanta. Not surprisingly, Google Trends analysis reveals that web searches for malware have consistently outpaced those for phishing over the last 12 months, at nearly two to one.

“What’s fascinating is that despite all the hype surrounding malware and ransomware, phishing attacks are actually the bigger, more immediate threat to both consumer and corporate email users. According to data from the Vade Secure Security Operations Center, the number of unique malwares caught by our filter exceeded the number of unique phishing emails throughout 2017, spiking in November 2017. With the launch of this new phishing attack in January 2018, however, the volume of phishing emails surged past malware, representing a ratio of nearly 21:1 for Q1 2018,” the company said.


