Light Dark
December 7, 2021 By David Bisson 2 min read
News

Security researchers detected an increase in both phishing campaigns and brute force attacks in the first half of 2021.

Vendor and Business Email Compromise Attempts Also Up

According to Abnormal Security, the volume of brute force attacks grew by 160% starting in May 2021 and ending in mid-June. This means that brute force attacks targeted 26% of all organizations per week on average during that period — more than double the rate (10%) for a typical week.

Some weeks registered a higher volume of attacks than others. In particular, the rate of attacks for the week of June 6 shot up 671% over the previous week’s average. Subsequently, nearly a third of all organizations found themselves targeted by brute force attacks that week.

Credential phishing attempts also increased in H1 2021. They rose from two-thirds of advanced attacks in Q4 2020 to more than 73% of attempts in Q2 2021.

Such growth highlights the fact that digital criminals can use a compromised email account to conduct secondary attacks. That threat includes vendor email compromise as well. In this case, attackers seize a vendor account and inject themselves into an ongoing email conversation. Then, they use that access to send fraudulent invoices or banking details under their control.

These types of attacks rose for the fourth consecutive quarter in Q2 2021.

And then there are business email compromise scams. This type of attack grew from 0.2 campaigns per 1,000 mailboxes at the beginning of the year to 0.41 campaigns by the end of June.

The Growing Speed of Phishing Attacks

The findings discussed above highlight the extent to which phishing attacks have become easier and cheaper to conduct.

No wonder then that the average phishing attack lasts an average of 21 hours. That breaks down to nine hours from when the first victim visits the campaign’s malicious domain to when the first detection comes in. After that, it’s another seven hours before detection rates of the phishing site peak. Another five hours account for the time where victims receive the link and browse the site.

At the same time, it doesn’t cost attackers all that much to conduct a phishing attack. They can purchase an email list between $50 and $500 on a dark web marketplace, for instance. Once they’ve bought it, they can then use the same list to launch other attacks.

How to Protect Against Phishing and Brute Force Attacks 

Organizations can protect themselves against credential phishing and brute force attack campaigns by cultivating a culture of cyber awareness. Specifically, they can use threat intelligence to educate their employees about some of the most recent phishing attacks targeting users. It’s important to use phishing simulations as part of this process. That way, you can test employees’ knowledge and provide follow-up learning modules where needed.

At the same time, organizations need to implement technical controls designed to safeguard their authorized accounts. They can do this by putting multi-factor authentication in place to prevent a set of compromised credentials from translating into a successful account takeover. They can also leverage single sign-on to reduce the pressure for employees to remember too many passwords for too many web accounts.

 |  |  | 
David Bisson
Contributing Editor

More from News
November 18, 2024

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

November 4, 2024

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

October 28, 2024

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature