6,170 malicious accounts hacked 1 lakh business emails: Report


New Delhi, Aug 6 (IANS): US-based cyber security firm Barracuda Networks on Thursday said it has identified 6,170 malicious accounts (mainly Gmail) responsible for over 1 lakh business email compromise (BEC) attacks on nearly 6,600 organisations to date this year.

Barracuda researchers found that in many cases, hackers were using the same email addresses to attack different organisations.

The number of organisations attacked ranged from one-to-a-one mass scale attack that impacted nearly 256 organisations overall.

"Malicious accounts were responsible for 45 per cent of all BEC attacks detected since April 1. These repeat offenders created multiple attacks, targeting multiple organisations from the same email accounts," said Murali Urs, Country Manager-India, Barracuda Networks.

"The preferred choice of email service for these malicious accounts is Gmail as it is accessible, free, easy to register and has a high enough reputation to pass through email security filters," Urs added.

However, most of the time hackers don't use their bad emails for a long period.

In fact, the researchers saw 29 per cent of malicious account accounts were used only for a period of 24 hours.

"But some hackers were using the same email address by changing the display names for their impersonation attempts," he said.

Business email compromise is a highly targeted attack. After the initial research period, hackers impersonate an employee or trusted partner in an email attack.

The first email is usually used to establish contact and trust.

Hackers always expect a reply to their BEC attacks. Therefore, these attacks are usually attempted at a very low volume and are highly personalised to ensure a higher chance of a reply.

The researchers identified 6,170 malicious accounts used Gmail, AOL and other email services.

Organisations can safeguard themselves from malicious accounts by investing in protection against business email compromise, said the researchers.

"Business enterprises can also train their employees to identify targeted phishing attacks by recognising the messages that come from outside of organisations and stay aware of the latest tactics used by cybercriminals," they added.

  

Top Stories


Leave a Comment

Title: 6,170 malicious accounts hacked 1 lakh business emails: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.