A new report by Barracuda was recently published. It revealed that the vast majority of baiting email attacks conducted this year were done via G-mail accounts.

The firm surveyed 10,500 different organizations and found that more than a third (35 percent) of them received at least one bait attack email in September 2021 alone.

That's disturbing but perhaps it would be of benefit to back up a step. The term "Bait Attack" signifies a sub-class of phishing where hackers and scammers attempt to glean basic information about a particular person or organization. They then use that information for a more targeted attack in the future.

Essentially it's a simple attack where if it is successful it will lead to a more complex attack in the future. That would be an attack that's more likely to succeed given the earlier success.

Of significance is that these emails don't contain links that point to the outside world. They don't have attachments so there's nothing in the email that would raise any red flags. These messages sail right through even the most robust security systems because they're not harmful in any way. In fact sometimes they don't contain any text in the body at all.

The goal here is to illicit a response. So if there is text it will likely be simple, clear, and to the point. It could perhaps be even as simple as "Please confirm that this is indeed your email address."

If the recipient responds the sender learns a number of important details. These details include the fact that the email account is correct and active, that the recipient is at least somewhat likely to open unsolicited emails from unknown senders, and that the company's spam filter didn't block the email that was sent. From the perspective of a hacker that's a treasure trove of information.

As to why they have a preference for Gmail over other email providers that ultimately comes down to legitimacy. Google is a respected name. Hackers can leverage that respectability by using a Gmail account and often fly under the radar.

There's nothing specific to be done with this information beyond warning your employees to stay vigilant and resist the temptation to respond to unsolicited emails from unknown senders.

________________________________________________________________________________________________________

STOP OVERPAYING for CABLE and Netflix!
TeQ I.Q. Service works on "Apple, Android, Roku, Amazon, Computers, and more"
"We Now have TeQ I.Q. VOD+(Video On Demand) The Best VOD Service!
"If you have Netflix or any other VOD Service you should switch to TeQ I.Q. VOD+ Service"
It is better than Netflix with 5 Connections and 4K and 3D included. Better than all other VOD services with Over 30,000 Movies, including New In Theatre Movies, Over 10,000 TV Series and growing. TeQ I.Q. VOD+ adds Movies and TV Series on Request.
Check out our TeQ I.Q. Services at https://www.teqiq.com/tv

We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.

For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/

Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!

Used with permission from Article Aggregator