Impersonation attacks rise sharply in Q3: Mimecast research

Transportation, legal and banking sectors hit the hardest by cyberattacks

Douglas: Attacks run the whole gamut, from sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam.
Douglas: Attacks run the whole gamut, from sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam.

Impersonation attacks are on this rise, accounting for 26% of total detections in Q3 of 2019, the latest Mimecast quarterly Threat Intelligence Report: Risk and Resilience Insights report shows.

Impersonation attacks now includes voice phishing or “vishing,” an advanced attack observed in this quarter, where threat actors use social engineering to gain access to personal and financial information via the victim’s telephone system.

While the report uncovered a mixture of simple, low effort and low-cost attacks targeting Mimecast customers, the data highlights complex, targeted campaigns leveraging a variety of vectors and lasting several days. These sophisticated attacks are likely carried out by organised and determined threat actors, employing obfuscation, layering, exploits, and encryption to evade detection.

Additionally, throughout the research, it was clear three industries were targeted the most by cyberattacks. Banking and legal, industries that are rich with sensitive information that yield results for threat actors and transportation, where state-sponsored threat actors seek to disrupt the logistical and supply capability of rivals.

“Threat actors seek numerous ways into an organisation - from using sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam,” said Josh Douglas, vice president of threat intelligence at Mimecast. “This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role human error could play in an organisation’s vulnerability.”

Of the 207 billion emails processed, there were 25 significant malware campaigns identified this quarter which incorporated Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos. The campaigns observed range from simple phishing campaigns to multi-vector campaigns alternating file types and attack vector, types of malware and vulnerabilities. All the analysis discovered in the report is fed back into Mimecast engineering to enhance cloud-based security services, improving customer’s cyber resilience and helping them avoid disruptions to their business

Most Popular

Digital Edition

Subscribe today and get your copy of the magazine for free