According to security specialist Websense, which released the findings of a new research report today, 92 per cent of Spam emails now contain a URL – and just over 1.6 per cent of them are characterised as spear-phishing attempts. According to Mike Cryer, a Websense consulting systems engineer based in Chicago, online attackers are getting smarter about when to actually detonate an attack.
He said very often an initial series of Spam emails was sent to determine the level of protection in an organisation, often addressed to the HR department. Once the email made it through the firewall and security systems, Mr Cryer said that a more targeted spear-phishing campaign would begin targeting just a handful of senior people.
Those emails would often be sent late on a Friday. He said that a corporate security system might sniff the URL in the email to see if it was safe to use, and on the Friday afternoon or evening it would appear as a clean site.
However over the weekend malware would be loaded onto the website, just in time for someone to click on the link first thing Monday morning.
Without education and real time protection the problem would persist he warned.
Another technique which was gaining traction was what Websense referred to as a “waterhole” strategy which encouraged people to access a particular website, which was free of malware until a specific time when malware was loaded up, timed to maximise its effect.
And where once attacks were launched to inflict damage or disruption, today there is a greater focus on collecting data according to Gerry Tucker, Websense’s regional sales manager.