Barracuda released key findings about the ways cybercriminals are attacking and exploiting email accounts. Its latest report, titled Spear Phishing: Top Threats and Trends Vol. 4 - Insights into attacker activity in compromised email accounts, reveals a specialised economy emerging around email account takeover and takes an in-depth look at the threats organizations face and the types of defense strategies you need to have in place.
Over the past year, Barracuda researchers had teamed up with leading researchers at UC Berkeley to study the end-to-end lifecycle of a compromised account. After examining 159 compromised accounts that span 111 organisations, they identified the ways account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.
The research found fresh insights into these widespread and dangerous attacks; behavior of cybercriminals in compromised accounts, and how organisation’s can make defense strategies accordingly. Highlights from the report include:
“Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximize the ways they can exploit the account, whether that means selling the credentials or using the access themselves. Staying informed about the attackers’ behavior will help organisations remain vigilant and put the proper protection in place so they can defend themselves against these types of attacks and respond quickly if an account is compromised,” said Don MacLennan, SVP Engineering, Email Protection at Barracuda.