News • 23.09.2021

Employees in retail industry most targeted by malicious emails

Top phishing techniques used by cybercriminals

green letters on black background
Source: Unsplash/Markus Spiske

Two million malicious emails bypassed traditional email defenses, like secure email gateways, between July 2020-July 2021, according to a new report from Human Layer Security company Tessian. These emails were flagged by inbound email security tool Tessian Defender as malicious and analyzed by Tessian researchers to reveal the tactics cybercriminals use to carry out advanced spear phishing attacks that bypass defenses.

Who’s being targeted and how?

The retail industry was targeted most often during this period, with the average employee in this sector receiving 49 malicious emails a year. This is significantly higher than the overall average of 14 emails detected per user, per year. Employees in the manufacturing industry were also identified as major targets, with the average worker receiving 31 malicious emails a year. 

To evade detection and trick employees, attackers used impersonation techniques. The most common tactic was display name spoofing (19%), whereby the attacker changes the sender’s name and disguises themselves as someone the target recognizes. Domain impersonation, whereby the attacker sets up an email address that looks like a legitimate one, was used in 11% of threats detected by Tessian. These subtle nuances in the email domain aren’t always easy to spot. 

The brands most likely to be impersonated in the emails detected between July 2020 and July 2021 were Microsoft, ADP, Amazon, Adobe Sign and Zoom - the latter likely spurred on by the shift to remote working.

Account takeover attacks were also identified as a major threat, an attack vector that, on average, costs businesses $12,000. In this case, the malicious emails come from a trusted vendor or supplier’s legitimate email address, and likely won’t be flagged by a secure email gateway as suspicious. Tessian data found that account takeover comprised 2% of malicious emails analyzed, and the legal and financial services industries were targeted most by this type of attack.

What’s the motive?

While emails containing attachments were once a popular “spray and pray” method to trick people into downloading malware, Tessian found that less than one-quarter (24%) of the emails flagged contained an attachment. In addition, 12% of malicious emails contained neither a URL or file – a sign that attackers are moving away from using typical indicators of an attack. Links, however, do still prove to be a popular and effective payload, with almost half (44%) of malicious emails containing a URL.

While credential theft is growing in popularity among cybercriminals today, Tessian found more keywords related to “wire transfers” than “credentials” in its analysis. This suggests that the motive behind these attacks is still largely focused on financial gain.

When are people most vulnerable?

Most malicious emails were delivered around 2 p.m. and 6 p.m. in the hopes that a phishing email, sent during the late afternoon, will slip past a tired or distracted employee. Attackers also capitalized on specific times of the year. Tessian found the biggest spike in malicious emails immediately before and following Black Friday, a time when many people expect to receive a surge of emails touting deals and attackers can leverage the “too-good-to-be-true” deals and use them as lures in their scams.

Source: Tessian

related articles:

popular articles:

Thumbnail-Photo: Secondhand trading takes off in China
05.08.2021   #e-commerce #customer satisfaction

Secondhand trading takes off in China

Alibaba’s Idle Fish App makes recycling easier

More and more customers in China embrace secondhand trading, also known as re-commerce, to raise extra cash via online platforms such as Idle Fish.The trend has been turbo-charged by apps that make selling pre-owned items simpler, the need to ...

Thumbnail-Photo: Magical shopping experience
10.06.2021   #customer satisfaction #app

Magical shopping experience

Finally Harry Potter fans can visit the official Harry Potter flagship store New York City

Harry Potter New York will set a new standard for themed retail, combining breath-taking design, exquisite craftsmanship, hand-crafted props, exciting interactive elements and exclusive products - inviting fans to experience the Wizarding World in a ...

Thumbnail-Photo: E-commerce advertising industry benchmarks for 2021...
27.04.2021   #online trading #e-commerce

E-commerce advertising industry benchmarks for 2021

Sidecar report: Advertising benchmarks for Google, Facebook, Instagram, and Amazon

The global pandemic led to sweeping improvements in return on ad spend and reductions in cost per acquisition across primary ad platforms in 2020. That’s according to Sidecar’s 2021 Benchmarks Report, the company’s new retail ...

Thumbnail-Photo: More trust for retailers with messaging services...
17.08.2021   #e-commerce #customer satisfaction

More trust for retailers with messaging services

Increased purchasing power through conversational AI

Holiday shopping is set to look a little different in 2021, as consumers change their habits and brands deal with an ongoing labor shortage. According to a new survey uncovering what retailers need to know this holiday season from LivePerson, Inc. ...

Thumbnail-Photo: Digital allrounder: from price tags to self-checkout...
03.08.2021   #brick and mortar retail #epos systems

Digital allrounder: from price tags to self-checkout

q.beyond invests in self-checkout specialist Snabble

q.beyond AG is acquiring a 25.4-percent stake in Snabble GmbH. Snabble has already demonstrated the functionality and market maturity of its proprietary scan-&-go solution at major retailers such as IKEA, TeeGschwendner and tegut. This new ...

Thumbnail-Photo: Digital Care Labels: Show eco-consumers you mean business...
02.08.2021   #digitization #sustainability

Digital Care Labels: Show eco-consumers you mean business

Why fashion should allow consumers to take part in their garment’s circularity story

Clothing brands are actively seeking ways to lighten their environmental impact. It’s shocking that, on average, 23 kilograms of greenhouse gases are produced per kilogram of fabric, and in North-West Europe alone, around 4.7 ...

Thumbnail-Photo: Cash use remains strong through the pandemic...
18.08.2021   #mobile payment #payment systems

Cash use remains strong through the pandemic

Reasons, why retailers still need a cash strategy

The Covid-19 pandemic has accelerated “cashless society” efforts around the globe. Understandably, consumers grew concerned over the possibility of contracting the virus by handling cash. Meanwhile, retailers had to scramble to continue ...

Thumbnail-Photo: Shopping experience with interactive digital signage applications...
25.05.2021   #brick and mortar retail #digital signage

Shopping experience with interactive digital signage applications

Using lift & learn features and smart mirrors to activate customers

The advantage in traditional stores: customers can examine the items and pick them up. The advantage in e-commerce: There is a wide range of products and information. With the use of digital signage solutions, these two advantages can be ...

Thumbnail-Photo: It takes two: closing the sustainability-attitude behavior gap in fashion...
18.05.2021   #online trading #sustainability

It takes two: closing the sustainability-attitude behavior gap in fashion

Zalando wants customers to keep sustainabilty in mind

Recently, Zalando published a report sharing consumer insights and recommendations on how to close the sustainability attitude-behavior gap in fashion. Therefore, Zalando launched a value-based browsing experience and further invested in Pre-owned ...

Thumbnail-Photo: Employment situation in the U.S. in June 2021 due to Corona pandemic...
20.07.2021   #brick and mortar retail #retail

Employment situation in the U.S. in June 2021 due to Corona pandemic

Worse numbers compared to pre-pandemic level but recovery is in progress

Total nonfarm payroll employment rose by 850,000 in June 2021 compared to May, and the unemployment rate was little changed at 5.9 percent, the U.S. Bureau of Labor Statistics reported. Notable job gains occurred in leisure and hospitality, public ...

Supplier

APG Cash Drawer
APG Cash Drawer
4 The Drove
BN9 0LA Newhaven
Navori Labs
Navori Labs
Rue du lion d'or 4
1003 Lausanne
EuroShop
EuroShop
Stockumer Kirchstraße 61
40474 Düsseldorf
iXtenso - retail trends
iXtenso - retail trends
Celsiusstraße 43
53125 Bonn
Delfi Technologies GmbH
Delfi Technologies GmbH
Landgraben 75
24232 Schönkirchen