Phishing attacks are among the most widespread and effective tactics used by cybercriminals against business. These schemes aim to deceive employees into disclosing sensitive information, such as login credentials or financial data, by posing as legitimate sources.

While phishing attacks come in various forms, they often target corporate email systems due to the wealth of valuable information they hold. To assist businesses in bolstering their defenses against potential breaches, Kaspersky is unveiling the anatomy of a phishing attack.

According to Mimecast’s ‘The State of Email Security 2023′ report, 83% of CISOs surveyed see email as the primary source of cyberattacks.

The recent case of Pepco Group demonstrated the severe consequences that phishing attacks can inflict on a business. At the end of February, the retail company reported that its Hungarian subsidiary had fallen victim to a sophisticated phishing attack. As a result of this strike, Pepco Group lost approximately €15,5-million in cash. This incident highlights the expanding threat posed by cybercriminals, emphasising the critical need for organisations to strengthen their cybersecurity defenses.

In 2023 Kaspersky’s anti-phishing system thwarted over 709 million attempts to access phishing and scam websites, marking a 40% increase compared to the previous year’s figures.

In response to this issue, Kaspersky experts cover the way phishing attacks are conducted.

* Cybercriminals’ motivation – Phishing attacks stem from cybercriminals motivated by various factors. Primarily, they seek financial gain by unlawfully acquiring sensitive information like credit card details or login credentials, which can be sold or used for fraudulent transactions. Additionally, some are motivated by political or ideological agendas, or by the purpose of espionage. Despite the differing motivations, these attacks pose severe risks to businesses.

* The initial approach – Phishing attacks typically begin with cybercriminals crafting fraudulent emails designed to lure recipients into taking action. These emails often mimic legitimate communications from trusted sources, such as colleagues, business partners or reputable organisations. To enhance credibility, attackers may employ tactics like spoofing sender addresses or replicating corporate branding. The situation is further exacerbated by the emergence of AI-powered phishing attacks, leveraging sophisticated algorithms to create highly convincing and personalised phishing emails. This exacerbates the challenge of detecting and combating such threats.

* Deceptive content and techniques – Central to the success of phishing attacks is the exploitation of human vulnerabilities. Cybercriminals leverage psychological manipulation techniques, compelling victims to act impulsively without thoroughly evaluating the email’s legitimacy. Phishing emails employ various strategies to deceive recipients and elicit desired responses. Common techniques include: False pretenses; social engineering; malicious links and attachments.

* Evading detection – To evade detection by email security filters and anti-phishing solutions, cybercriminals consistently refine their tactics and adapt to evolving cybersecurity measures. They may employ obfuscation techniques, encryption methods, or URL redirection to bypass detection and enhance the effectiveness of their attacks.

* Consequences of successful phishing attacks – When phishing attacks succeed, the consequences can be severe for organisations. Breaches of corporate email systems can lead to unauthorised access to sensitive data, financial losses, reputational damage, and regulatory non-compliance. Moreover, compromised email accounts can serve as footholds for further cyberattacks, such as Business Email Compromise (BEC) or data exfiltration.

* Mitigation strategy – Safeguarding against phishing attacks targeting corporate email systems, means organisations must implement robust cybersecurity measures while educating employees about phishing awareness and best practices. Effective mitigation strategies include employee training, the introduction of multi-factor authentication, the formulation of incident response plans, and the deployment of advanced email filtering and security solutions.

“In today’s dynamic threat landscape, businesses face an ever-growing array of cyber risks, with email-based attacks posing a particularly insidious threat,” comments Timofey Titkov, head of cloud and network security product line at Kaspersky. “At Kaspersky, we recognise the critical importance of equipping organisations with robust cybersecurity solutions to help businesses defend themselves against these evolving threats.”