Email fraudsters use a variety of techniques, often in tandem, to pose as someone the victim trusts or does business with. Proofpoint revealed the most common:

Display-Name Spoofing — Webmail services such as Gmail are the preferred vehicle for email fraud because they are free and easy to use. In email fraud, the attacker simply changes the display name. Over the course of 2017 and 2018, nearly 39.5% of email fraud across financial services used Gmail.com, Comcast.net, AOL.com, Inbox.lv, or RR.com.
Domain Spoofing — Another common tactic is sending fraudulent email from the organization's own trusted domain. Criminals spoof domains owned by financial services companies to target its employees, customers and business partners. Thirty-nine percent of emails sent from domains owned by financial services companies externally appeared suspicious or categorized as unverified. That figure included 68% sent to employees appeared suspicious, 36% sent to customers, and 19% sent to business partners. Proofpoint said companies can prevent domain spoofing attacks by fully implementing domain-based message authentication, reporting and conformance measures.
Lookalike Domains — Attackers often register lookalike domains to trick people into believing an email comes from someone they trust. They create new, deceptively similar domains a variety of ways. They might swap characters or insert an additional character. In 2017 and 2018, 24% of targeted financial services organizations attacks originated from lookalike domains.

Proofpoint recommended effective security against these types of socially engineered attacks requires a people-centric approach, including robust email defenses and inbound threat blocking capabilities, combined with cybersecurity awareness programs that train users to spot and report malicious emails. "Businesses must assume that someone within their organization will always click and craft a security strategy that caters to their most attacked and vulnerable individuals and also protects against both internal and external impersonation attacks."

Instant Insights /

Impostor Email Attacks Targeting Financial Services Firms

Related Stories

Recommended For You