At the RSA security conference in San Francisco, the experts at the Google Research team at the Google Research team have shared the results of an interesting study on cyber attacks against emails accounts.
Corporate email addresses are 4.3 more likely to receive malicious codes compared to personal accounts, 6.2 times more likely to receive phishing lures, and 0.4 times less likely to receive spam messages.
The Google Research team analyzing more than one billion emails that passed through its Gmail service, the experts discovered that corporate inboxes are a privileged target for threat actors. The result is not surprising because corporate email accounts contain more valuable information for attackers. Cyber criminals can steal information and resell them on the Dark Web, meanwhile, nation-state actors could use them for espionage activities.
Which is the most targeted industry?
This result is very interesting, organizations in the real estate sector were the most targeted with malicious codes, while spam emails proposing products and services mostly targeted companies in entertainment and IT industries.
Organizations in the financial sector are the privileged target of phishing campaigns, the experts at Google believe that phishing attacks will continue to increase in the future.
Anyway, there is a good news for Gmail.users, as announced by Elie Bursztein, the head of Google’s anti-abuse research team, the company is going to implement the SMTP Strict Transport Security to the email service.
The SMTP STS will provide a further security measure to protect Gmail users from man-in-the-middle attacks that leverage on rogue certificates. Google, Microsoft,
“Google, Microsoft, Yahoo and Comcast are expected to adopt the standard this year, a draft of which was submitted to the IETF in March 2016.” wrote ThreatPost.
Below the slides presented at the RSA Conference by Elie Bursztein.
[adrotate banner=”9″]
(Security Affairs – Corporate email addresses, Cybercriminal)
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware…
Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote…
Raccoon Infostealer operator Mark Sokolovsky was sentenced to 60 months in US prison and ordered…
Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after…
Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information…
This website uses cookies.