Light Dark
April 5, 2017 By Larry Loeb 2 min read

Barracuda Networks has reported that many of its customers have been hit by a so-called “airline phishing attack” that focuses on industries related to logistics, shipping and manufacturing, according to CSO Online. Attackers assume the identities of travel agents and send emails that appear to contain airline passes or other types of e-tickets.

Analyzing the Airline Phishing Attack

According to Barracuda, the fraudsters behind the campaign do their homework. Before launching an attack, they research their targets to determine which airlines, destinations and prices might feasibly appear in a legitimate email.

The fraudulent email contains a .pdf or .docx attachment, which, when opened, executes the malware and redirects the victim to a website designed to imitate an airline or corporate travel center. Once there, the victim is encouraged to enter company credentials, which the attackers can then use to breach corporate networks.

BEC Attacks on the Rise

Proofpoint found that business email compromise (BEC) attacks have increased by 45 percent in the last three months of 2016 compared to prior months. The company also discovered that two-thirds of all BEC attacks spoofed email address domains so that fraudulent emails would display the same domain as that of the targeted company. Interestingly, Proofpoint found no correlation between the size of the company and BEC attack volume.

Asaf Cidon, vice president of content security services at Barracuda, told CSO Online that these attacks were influencing firms to change their defense strategies.

“The market is moving from a static, rule-based approach that relies on seeing the same virus or spam message across many customers to dynamic, machine learning-based systems that learn and adapt to the attacks,” he noted. “Future email security systems will need to learn each customer’s environment and find anomalies in real time.”

Vigilance against email phishing has long been a crucial component of security. These attacks demonstrate the importance of user awareness and employee training to mitigate all types of threats, even those as simplistic as phishing.

 |  |  | 
Larry Loeb
Principal, PBC Enterprises

More from

November 14, 2024

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

November 13, 2024

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

November 12, 2024

6 Principles of Operational Technology Cybersecurity released by joint NSA initiative

4 min read - Today’s critical infrastructure organizations rely on operational technology (OT) to help control and manage the systems and processes required to keep critical services to the public running. However, due to the highly integrated nature of OT deployments, cybersecurity has become a primary concern.On October 2, 2024, the NSA (National Security Agency) released a new CSI titled “Principles of Operational Technology Cybersecurity.” This new guide was created in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD SCSC) to…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature