Business Apps Spoofed in 45% of Impersonation Attacks
Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.
Criminals launching impersonation phishing attacks prefer to spoof business-related apps from Microsoft, Zoom, and DocuSign, researchers report in a new email security survey.
Enterprise applications are spoofed in 45% of impersonation phishing attacks, GreatHorn researchers say. Social media-related apps such as Facebook, LinkedIn, and Twitter are seen in 34% of these attacks, and consumer apps such as Amazon and PayPal are seen in 20%, they note.
Email security is the top priority for IT and security teams this year, they report, but only 9% of respondents are most worried about brand impersonation attacks. Most (22%) say their greatest concern is people impersonation attacks, in which fraudsters send emails pretending to come from executives, vendors, or human resources or finance teams. Other top concerns include payload attacks (21%) and wire transfer requests (14%).
It's worth noting that phishing campaigns rarely use one technique, researchers say. More common are multipronged attacks that may prompt an email recipient to click a link and/or download an attachment, all while pretending to be from a person or brand.
Access the full report here for more details.
About the Author
You May Also Like
The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024