Latest


Over 35% of 10,500 firms saw one bait attack in September: Report

  •   Mon, Nov 15 2021 02:23:02 PM

New Delhi, Nov 15 (IANS): More than 35 per cent of 10,500 organizations were targeted by at least one bait attack in September 2021, a new report revealed on Monday.

Bait attacks, also known as reconnaissance attacks, are a class of threats where the attackers attempt to gather the information that can be used to plan future targeted attacks. They are usually emails with very short or even empty content, according to the report from cloud-enabled security solutions provider Barracuda Networks.

The goal is to either verify the existence of the victim's email account by not receiving any "undeliverable" emails or to get the victim involved in a conversation that would potentially lead to malicious money transfers or leaked credentials.

"As attackers work to make their phishing attacks more targeted and effective, they've started researching potential victims to collect information that will help them improve the odds that their attacks will succeed," Murali Urs, Country Manager, India, Barracuda Networks, said in a statement.

As the threats do not involve any text, phishing links or malicious attachments, it is hard for conventional phishing detectors to defend against these attacks. Moreover, to avoid being detected, the attackers typically use fresh email accounts from free services such as Gmail, Yahoo or Hotmail to send the attacks.

To safeguard their employees from falling prey to bait attacks, organizations need to deploy artificial intelligence (AI) to identify and block them. Traditional filtering technology is largely helpless when it comes to blocking bait attacks. The messages carry no malicious payload and usually come from Gmail, which is considered highly reputable.

As per the report, AI-based defence is a lot more effective as it exploits data extracted from multiple sources, including communication graphs, reputation systems and network-level analysis to be able to protect against such attacks.

Training is yet another factor that can help to a large extent. Trained users can recognize and report bait attacks that may still land in users' inboxes. So organisations must conduct security awareness training and simulation campaigns and encourage users to report these attacks to the IT and security teams.

 
  

Top Stories

Mangaluru: Yenepoya Medical College holds 21st convocation ceremony

  •   9 hours ago   

Leave a Comment

Title: Over 35% of 10,500 firms saw one bait attack in September: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like