Barracuda reveals three novel tactics on phishing

The latest research by Barracuda Networks, a trusted partner and leading provider of cloud-first security solutions, unveils three novel tactics that were detected in phishing attacks during January 2023 as cybercriminals are continuously evolving their attempts to trick victims, bypass security measures, and avoid detection.

Barracuda researchers analyzed data of phishing emails blocked by Barracuda systems. And while the overall volume of attacks using these tactics is currently low – with each tactic making up less than 1% of attempted phishing attacks – they are widespread, with between 11% and 15% of organizations affected, often with multiple attacks.

The three attack tactics detailed by Barracuda are:

· Attacks using Google Translate web links.

In January, researchers at Barracuda noted email attacks that used the Google Translate service for websites to hide malicious URLs (web page addresses). The attackers use poorly-formed HTML pages or a non-supported language to prevent Google from translating the webpage – and Google responds by providing a link back to the original URL stating that it cannot translate the underlying website. The attackers embed that URL link in an email and if a recipient clicks on it, they are taken to a fake but authentic-looking website that is in fact a phishing website controlled by the attackers. Such attacks are difficult to detect since they contain a URL that points to a legitimate website. As a result, many email filtering technologies will allow these attacks through to users’ inboxes. Further, the attackers can change the malicious payload at the time of email delivery, making them even harder to spot.

· Image-based phishing attacks.

Image-based attacks have also been commonly used by spammers and Barracuda researchers have found that attackers are now increasingly using images, without any text, in their phishing attacks. These images, which can be fake forms such as invoices, include a link or a callback phone number that, when followed up, leads to phishing. Because these attacks do not include any text, traditional email security can struggle to detect them. Data shows that around one-in-10 (11%) organizations were targeted with this type of phishing email in January 2023, each receiving on average around two such emails during the month. Researchers at Barracuda believe that image-based phishing will be an increasingly popular tactic for cybercriminals in the future.

· The use of special characters in attacks

Hackers often use special characters, such as zero-width Unicode code points, punctuation, non-Latin script, or spaces, to evade detection. This type of tactic is also used in “typo-squatting” web address attacks, which mimic the genuine site but with a slight misspelling. When they are used in a phishing email, the special characters are not visible to the recipient. An attacker inserts a zero-width (no) space within the malicious URL embedded in a phishing email, breaking the URL pattern so that security technologies do not detect it as malicious. Detection of such attacks can also be difficult because there are legitimate purposes for the use of special characters, such as within email signatures. Barracuda researchers found that in January 2023, more than one-in-seven (15%) organizations received phishing emails that use special characters in this way, each receiving on average around four such emails during the month.

Commenting on the occasion, Parag Khurana, Country Manager, Barracuda Networks India, said, “Phishing is a common starting point for many cyberattacks, including ransomware, financial fraud and credential theft. With cyberattack rising rampantly in India in recent times, cybercriminals continue to develop their phishing approaches to trap unwary recipients and avoid being spotted and blocked. To defend your organization, one needs the latest AI-enhanced email protection that can effectively inspect the context, subject, sender, and more to determine whether a benign-looking email is in fact a well-disguised attack. It is also imperative for organisations to train their employees to understand, identify and report suspicious messages, plus tools that enable security teams to quickly identify and remove any traces of a malicious email from user inboxes and compromised accounts should a malicious email manage to break through.”

ChannelDrive Bureauhttp://www.channeldrive.in
ChannelDrive Bureau covers the latest developments in the space of ICT, technology, solutions and implementations and delivers content focused around solution providers, system integrators, distributors and technology partner community in India. ChannelDrive Bureau is headed by Zia Askari. He can be reached at ziaaskari@channeldrive.in

Recent Articles

REVA University partners with Salesforce to elevate student experience

REVA University, a private State University in Bengaluru with state-of-the-art technology in India announced that it will be leveraging Salesforce to further strengthen its...

GE Lighting Picks Rimini Street to Increase Efficiency

Rimini Street, Inc., a global provider of end-to-end enterprise software support, products and services, the third-party support provider for Oracle and SAP software, and...

Badri Srinivasan to Lead Wipro’s India and SEA Businesses

Wipro Limited, a technology services and consulting company, announced that Badri Srinivasan will lead the India and Southeast Asia businesses under the company’s APMEA...

HP Doubles Down on Partner Growth with Program Enhancements

Last evening at the Amplify™ Partner Conference, HP Inc announced several new partner benefits and program enhancements aimed at driving greater agility, simplification, growth...

Dell unveils the latest Inspiron series in India

Dell Technologies has launched a new line of Inspiron laptops in India, including the Inspiron 14 and Inspiron 14 2-in-1. Designed to improve performance...

Related Stories

Stay on op - Get the daily news in your inbox