American Express and Discover cards are among the recent brands that have been used by attackers in longline phishing email attacks against businesses.
Longline phishing is a new type of email scamming that combines previously used spear-phishing and traditional mail-bombing attacks. It has successfully by-passed some traditional security systems by mass customising messages with varying subject lines, content, and originating IP addresses. Thus undetectable to some security filters which look for similar messages from a single source.
These new longline phishing attacks are defined by three specific characteristics:
- Proportionally low volume per organization, with high volume overall
- Aggressive obfuscation and customization techniques
- Malware payloads which utilize unpatched exploits.
One recent campaign, disguised as an official American Express email, was highly effective with a click rate of 24%. The lure was surprisingly sophisticated; containing no noticeable errors. Similarly the Discover card brand seemed realistic, however did contain some spelling and grammar mistakes.
The overall campaign consisted of 159,147 emails, of which were sent from 3,040 sender address, using 8,555 IPs. Within the message 916 unique URLs were used along with 87 compromised websites. This particular campaign was sent on Friday 2nd August 2013, however the majority of click throughs occurred on Saturday 3rd August 2013. With the sophistication of phishing attacks on the rise, it has never been more important to ensure business users are protected, on and off the corporate network.
Your IT Works clients, however, can rest easy in the knowledge that the email filtering services we provide include advanced Targeted Attack Protection, protecting them from these vicious longline phishing campaigns.
For more information about how to protect your business talk to us today.