List of Malicious Phishing Terms Shows that Express Shipping Tools Tops It
A well known security firm recently announced the launching of "Top Words employed during phishing attacks in order to hack successfully Enterprise Networks and hack data," report according to which, the key words used by cybercriminals to show the urgency to con unwary recipients into downloading malevolent files. The prime word is related to express shipping to avoid traditional IT-security suspicion in email-based attacks.
By a recent data from the FireEye "Advanced Threat Report," during the first 6 Months of 2012, attacks through e-mails increased by 56%. Email-based sophisticated cyber attacks simply bypass customary signature-based security defenses, predating on ignorant users to load malicious files.
"Cybercriminals persist towards developing and refining their attack tactics to avoid detection and employ techniques that work. Spear phishing emails are on hike because they work," said Ashar Aziz, Founder and CEO, FireEye, as accords to a statement published by technology-digital.com on September 26, 2012.
Amusingly, topmost in terms list include international mail service and DHL Express. However, the Company is conscious that its name is normally utilized by cyber crooks said, Spokesman, Daniel McGrath of DHL as published by SCMagazine.com on September 26, 2012.
As per the "Advanced Threat Report" from FireEye, the first six months of 2012, email-bases attacks increased to 56%.email-based advanced cyber attacks easily bypass traditional signature-based security defenses, preying on naïve users to install malicious files.
To neglect the detection, cybercriminals tries to evolve and refine their attack tactics and use techniques that work. Funder and CEO Ashar Aziz claimed that spear phishing emails are on the rise and they work well, as published by technology-digital.com on September 26, 2012.
Amusingly, international mail service, DHL express, is at the top of the terms list, but the company knows that its name is commonly used by cybercrooks, spokesman Daniel McGrath of DHL said as published by SCMagazine.com on September 26, 2012.
Other terms like "notification" and "alert" is used to create urgency, found from the report.
And, cybercriminals seems to utilize finance-related words like names of financial institutions and a related transaction; e.g. "Lloyds TSB-Login Form.html," and tax-linked words like "Tax_Refund.zip."
Words that are related to travel and billing such as "American Airlines ticket" and "invoice" are quite famous.
To "personalize" booby-trapped emails and make them look more genuine, the crooks use phrases from social engineering sites, bewared by FireEye.
Zip files are used by attackers to overshadow the malicious code, but other file types like PDFs and executable files, also feature in attacks ultimately aimed at gaining access to corporate networks before grabbing intellectual property, customer information and other valuable data. It's not easy to trust that executables, specially, aren't regularly blocked entry of corporate email gateways, though Fire Eye's research sugafgests otherwise.
Related article: Lowest Level of Infection in UK PCs
» SPAMfighter News - 04-10-2012