According to a report from cybersecurity vendor, Barracuda, scammers are becoming a bit more resourceful when it comes to planning attacks.
Some attackers are now staging preliminary, low-threat attacks first, to try and test the victim’s response to the full spectrum of attacks. scam attempt.
These early emails, known as ‘bait attacks’, were largely generated by scammers using the Gmail platform.
What are Bait attacks?
Research by Barracuda These decoy attacks have shown that they start with a fairly innocuous email that serves two functions – first, it can bypass email protection systems undetected, and second, it works action to verify that email is being used and that the victim is responsive.
In this example. Barracuda received a decoy email with the subject line “Hello” and no other content. The research firm responded to the email with ‘Hello, how can I help you?’, and within 48 hours received a phishing request from Norton LifeLock, demanding a $400 payment.
While traditional phishing emails carry many red flags that allow the system to catch them early, from suspicious links and poor grammar to potentially compromised email addresses, these bait emails are not only seeming innocent, but also by engaging the victim, also means that the respondent is now expecting and waiting for a response. A receptive and incarcerated subject is a payday for a scam scammer.
Example of an email bait from Barracuda
Where do the Bait attacks come from?
According to the study, about 35% of the 10,500 organizations it analyzed received at least one decoy attack in September 2021.
The decoy attack method is slightly different from the approach used by phishing scams, which tend to be high volume, stacking inboxes with email in the hope that a small minority will get caught. this scam. With decoy attacks, however, Barracuda found that attackers adopted a low-volume approach and avoided sending emails in batches. presumably to try and bypass detection devices based on large numbers or anomalies.
To send these emails, scammers are relying on free email services. This is not only because they won’t cost scammers anything, but they’re also a quick and easy way to set up a new email account and get the benefit of a new email address that hasn’t been released. blacklist.
The most popular free email service of choice appears to be Gmail, with 91% of the decoy emails Barracuda identified coming from the platform. Others, such as Hotmail and Yahoo, make up the remaining 9%.
Gmail itself appeared in the headlines last month, with news that they have identified and blocked 1.6 million phishing emails related to a crypto scam.
How to avoid bait attacks
This scam scam can be a little more complicated than we’re used to seeing, but that doesn’t mean it’s completely inevitable. The way that the first email is sent without any detectable threat means it can slip through anti-virus software and traditional email security, but you can take steps to reduce risks.
Alert Knowing the signs of a bait attack is the first step in not falling victim to an attack. It’s important that you know what a decoy attack looks like, and more importantly, that you don’t respond to emails with limited information or plain subject lines, as this can open obstacles. object.
Delete email bait – If you spot a decoy email, it’s important that your IT department is alerted to the threat immediately so they know and can remove it, and watch out for further attacks. .
Blacklist email addresses – While this scam tends to use new email accounts, it’s still a good idea to blacklist senders, if they try to send more emails to your organization.
While anti-virus software is unlikely to catch the bait email, it will catch the next phishing email, thanks to all the usual telltale signs, such as a suspicious link. Antivirus software is a valuable tool when it comes to eliminating phishing emails and should be used in conjunction with classic common sense to help reduce the risk from phishing schemes.
https://tech.co/news/scammers-are-using-gmail-to-carry-out-a-new-phishing-scam Scammers are using Gmail to make a new scam