Cybercriminals are leveraging various tactics to target organisations with bait attacks.
Based on analysis by Barracuda researchers, over 35 per cent of 10,500 organisations were targeted by at least one bait attack in September 2021, with an average of three distinct mailboxes per company receiving one of these messages.
“Bait attacks, also known as reconnaissance attacks, are a class of threats where the attackers attempt to gather the information that can be used to plan future targeted attacks,” the firm explained in an official release.
These are usually emails with very short or even empty content. Bait attacks are meant to help attackers either verify the existence of the victim’s email account by not receiving any “undeliverable” emails or to get the victim involved in a conversation to potentially lead to malicious money transfers or leaked credentials.
“As the threats do not involve any text, phishing links or malicious attachments, it is hard for conventional phishing detectors to defend against these attacks,” it said.
Low volume phishing
Attackers leverage popular free email services such as Gmail, Yahoo, or Hotmail to avoid being detected. They also rely on a low volume, non-burst sending behaviour. This is to avoid detection by any bulk or anomaly-based detectors.
They also research their potential victims at times for more targeted phishing attacks.
Murali Urs, Country Manager, India, Barracuda Networks, said, “As attackers work to make their phishing attacks more targeted and effective, they’ve started researching potential victims to collect information that will help them improve the odds that their attacks will succeed.”
Organisation need to deploy AI-based solutions to help safeguard their employees from falling prey to bait attacks and block such attacks. Employee training will also help avoid such attacks by recognising and reporting bait emails if they land in their inboxes.
“When bait attacks are identified, it’s important to eliminate them from users’ inboxes as quickly as possible before users open or reply to the message. Automated incident response can help identify and remediate these messages in minutes, preventing further spread of the attack and helping to avoid making your organisation a future target,” Barracuda said.