Information security officers open 30% of fraudulent emails, according to digital risk management experts. Such behavior risks compromising the company, experts say. The very fact that professionals whose job is to confront scammers fall for their tricks speaks to the high ingenuity of attackers, the industry believes. Or to employees' inadequate assessment of their own competence.
Even information security (IS) experts are vulnerable to fraudulent mailings that can lead to the compromise of an organization. Experts from BI.ZONE (a digital risk management company) found this out during training phishing attacks. Cybersecurity specialists in the tests opened 30% of malicious emails…
This is the lowest rate among all the studied groups.… But it also shows how thoughtful and well prepared mailings from cybercriminals are, BI.ZONE said. They can mislead even those who constantly face digital threats at work, the researchers noted.
– Phishing is one of the most common cyberattacks, in which the user receives an email with a call to download a file or follow a link. It can be a fake mailing on behalf of a popular brand, a supposed document from government agencies or a question from the boss – anything a fraudster's imagination stretches to, – said Evgeny Voloshin, director of the BI.ZONE expert services block.
Phishing is such a versatile tool that absolutely all categories of professionals are vulnerable to it to varying degrees, added RuSIEM CTO Anton Fishman. But information security services, compared with other departments, should be less susceptible to such influences, he said.
However, according to the results of about 100 thousand simulated attacks by the Antifishing company, specialists from technical support and information technology were among the groups that, on the contrary, behaved the least securely, said the organization's director Sergei Voldokhin.
– This clearly shows that specific knowledge does not guarantee correct and safe behavior on the part of employees during a digital attack. Rather, on the contrary, the presence of such knowledge creates false confidence in IT specialists that they will be able to accurately recognize a digital attack and are better protected than others, – the expert believes.
The BI.ZONE study named sales department employees as the most vulnerable category… In these units, malicious emails were opened in 68% of cases… It is not only the high share in itself that is dangerous, but also the fact that sales staff work with the data of their companies' clients and partners. Such access often makes "salesmen" the main target of cybercriminals, the authors of the study noted.
– Successful attacks on salespeople can lead to information leaks and reputational damage, – the study emphasizes.
The most vulnerable groups are employees of commercial departments and those who actively work with external partners and customers, agrees Alexey Malnev, head of Jet CSIRT, the Information Security Incident Monitoring and Response Center of Jet Infosystems. When attacking these departments, cybercriminals often lure employees with the prospect of profit, the expert specified.
– Fraudsters can easily forge a routine work email (for example, a request to participate in a tender). The probability of success of such an attack is high: the victim is likely to follow the link or open the attachment. If scammers are well prepared and compose the email optimally, up to 25% of employees will click on a phishing link or open dangerous attachments, – said Alexey Malnev.
However, employees of departments that often interact with counterparties are well versed in offers and prices, and therefore can quickly detect suspicious and overly advantageous offers from fraudsters, says Sergei Voldokhin. He clarified that he relies on statistics from a sample of about 20 thousand people.
Which unit will be attacked depends on the attackers' purpose, said Alexey Drozd, head of the information security department at SearchInform. If fraudsters are after money, then accountants, sales managers and tendering departments are at high risk, he explained. When attackers want to penetrate the company's internal perimeter at any cost, they can attack any employee.
– In terms of employee preparedness, the most likely victims will be those who do not believe in the threat: they underestimate its importance or exaggerate their ability to recognize and resist an attack.… The position does not matter, – said Alexey Drozd.
According to Jet Infosystems, phishing emails are the reason for the compromise of corporate computer systems in 80–90% of cases… SearchInform also considers malicious mailings to be one of the reasons companies most often lose data and money.
– The Central Bank says that the most urgent threat for banks today is infection with spyware viruses and the introduction of hidden remote access tools. At the same time, in the overwhelming majority of cases, malware is spread through phishing mailings, – said Alexey Drozd.
There are no prerequisites for a decrease in the prevalence of phishing attacks in the next year or two, says Anton Fishman. Moreover, scammers never cease to amaze with their ingenuity, he noted. He described one such case. Employees of a company received two emails allegedly from an accountant. The first email came with the file "bonuses.xls" and the text: "Attached are the company's bonuses for the last month." Then the same sender asked them not to open the spreadsheet, since it had been sent by mistake.
– How many people do you think will not fall for such phishing? It seems to me, close to zero, – said Anton Fishman.
In the foreseeable future, phishing will not cease to be an urgent problem, Sergei Voldokhin agrees. According to him, even if everyone now learns to recognize the main types of fraud, there is no guarantee that new ways of influencing people will not appear.