Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

9/20/2018
04:15 PM
100%
0%

Account Takeover Attacks Become a Phishing Fave

More than three-quarters of ATOs resulted in a phishing email, a new report shows.

Why spoof an email address for phishing messages when you can hijack an account and send them from the real one? That's the theory behind account takeover (ATO) attacks, and it's one being put into practice in a growing number of criminal cases.

According to a new report from Barracuda, which draws on a study that looked at 50 randomly selected organizations, nearly 40% of respondents reported at least one ATO attack in the second quarter of 2018.

"On average, when a company got compromised, the compromise resulted in at least 3 separate account takeover incidents," according to the report. Of the incidents, 78% resulted in phishing email being sent.

"Cybercriminals are able to professionally customize emails to trick even the most discerning eye all the way up to the CEO level," says Ryan Wilk, vice president of customer success at NuData Security. "These phishing emails trick victims into clicking on links or on documents that appear legitimate, only to automatically download key loggers or other malware tools used to harvest credentials." 

The report's authors noted that their results could have underreported the actual incidence of ATO attacks since they relied on incidents reported by companies. Many organizations either aren't aware that they've been the victim of such an attack or are reluctant to admit to having been victimized.

Read more here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Sure you have fire, but he has an i7!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-35327
PUBLISHED: 2021-03-04
SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php
CVE-2020-35328
PUBLISHED: 2021-03-04
Courier Management System 1.0 - 'First Name' Stored XSS
CVE-2020-35329
PUBLISHED: 2021-03-04
Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.
CVE-2021-22183
PUBLISHED: 2021-03-04
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions.
CVE-2021-22189
PUBLISHED: 2021-03-04
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.