Advertisment

Cybercriminals are getting smarter: New ways of spying emails

Cybercriminals are learning behavior to launch subsequent phishing attacks, including harvesting financial information and additional login credentials.

author-image
CIOL Bureau
New Update
Cybercriminals

Barracuda and UC Berkeley researchers are conducting a large scale of analysis of email account takeover and timeline of attacks. This research highlighted the behavior of Cybercriminals who are capable of avoiding detection. They are using ways to identify suspicious activity that could indicate an email account has been compromised, and precautions you can take to protect your business - according to the Deccan Chronicle report.

Advertisment

Researchers used a combination of Barracudas’ Artificial Intelligence (AI) detectors to compile a list of compromised accounts in Aug 2019. This helps them to provide a detailed timeline analysis of compromised accounts.

The report highlighted some key finding of the researchers –

Getting smarter

Advertisment

Attackers are playing smart, they are not attacking at the same time when an account is compromised. They spread over a period of time, they don’t always attack as soon as the account is compromised.

They send phishing emails and perform other actions that included the use of anonymous IPs belonging to ISPs that are different from the hacked account’s provider.

Email Account Takeover

Advertisment

The attackers are using brand impersonation, social engineering, and phishing to steal login credentials. Once they succeed, the track the compromised account to learn the activities and how the company does business.

Cybercriminals use this learning to launch subsequent phishing attacks, including harvesting financial information and additional login credentials for other accounts.

Variety of methods

The hackers are using different methods to compromise your account. Researchers found that they are leveraging usernames and passwords to acquire previous data breaches. People often use the same password for different accounts, and cybercriminals are getting benefits out of this habit. They steal one account details and then access other accounts.

Also, using personal account credentials are being utilized to get access to business emails.