Hackers Target Middle Managers and Corporate Emails
On average, users click one of every 25 malicious messages delivered. Attacks occur mostly during business hours, peaking on Tuesday and Thursday mornings, with 17% more clicks than on other weekdays.
Users clicked on phishing emails in 2014 because hackers’ campaigns evolved and no longer matched the characteristics users had been trained to avoid. These include being wary of social media invitations.
Hackers now target corporate users with attachments in high-volume campaigns, piggybacking on legitimate messages like email newsletters and opt-in marketing emails. As a result, users receive many malicious emails that they do not recognize as threatening.
In 2014, managers doubled their click rates compared to 2013. Managers and staff clicked on links in malicious messages twice as many times as executives.
Employees in Sales, Finance and Procurement departments click the most on malicious messages—50% to 80% more often than the average departmental click rate.
Attackers lure two out of three users into clicking immediately, so organizations no longer have days or weeks to find and stop malicious emails. In contrast to last year, when only 39% of emails were clicked in the first 24 hours, this year that increased to 66%. By the end of the week, 96% of all clicks have occurred.
Social media invitations, the most popular and effective email lures last year, decreased 94% this year. Attachments, rather than URLs, such as message notification and corporate financial alerts, increased 1,000% on some days.
The most popular email lures this year included e-fax, voice mail notifications and corporate and personal financial alerts.
Corporate financial lures ranked lowest as measured by click-through rate, but they deliver the highest yield. Attackers are doing expected-value calculations–delivery rate X payoff–and are counting on a click’s high value to compensate for the lower overall click-through rate.
To detect advanced malware, get malware analysis technology that uses a combination of techniques to evaluate advanced threats. Deploy solutions that leverage cloud-based big data analytics to “predictably detect” malicious URLs in unsolicited emails and block clicks before they lead to compromise.
Deploy comprehensive security that leverages an agentless, cloud-based service with URL intelligence that protects users no matter when or where they click that URL.