The Email Service Used Most in Baiting Attacks

It’s official: baiting attacks are on the rise and pretty much everyone’s favorite email server is the new preference for these attacks to happen. A report by Barracuda found that out of 10500 organizations, 35% of them received at least one base attack email and September 21 alone.

What Email is the Most Vulnerable to Baiting Attacks?

If you aren’t sure precisely what a baiting attack is, here’s some background. Bait attacks are a class of phishing, where threat actors attempt to gather basic information. The result? To use the data for more targeted at effective attacks in the future, wrote Bleeping Computer. So these new type of attacks is staking out their victims for a more sophisticated planned attack in the future. 


Ninety-one percent of these emails originate from newly-created Gmail accounts and all other email platforms account for only 9 percent. Barracuda statistics show that Gmail is a preference because it’s popular and associated with trustworthy and illegitimate services. 


Gmail isn’t the first big Corporation to be hit by this email attack. Recently Microsoft Ikea added Logistics suffered from malware ransomware and phishing attacks. And there isn’t an exact demographic for those who take the bait more than others because even a seasoned internet user could be too desensitized to realize what email they’re clicking. 


Vulnerability to baiting attacks also applies to the email security solutions “sent” by Google. Finally, Google is a platform that allows people to create fake emails easily. It’s not always malicious, but it somehow ends up being that way. Once a baiting attack can prove that a Gmail user is actively using their mailbox, further troubles begin from there. 


If you want to make sure you can spot these new threat actors, look out for these signs online. The most significant sign to look for is an email without links to a phishing site and no attachments, so they seem like they have no malicious intent.

Emails sent by threat actors could look like:
  • A regular email looking to confirm that a recipient’s email address is correct
  • An email looking to verify that your email address is active
  • Emails that guarantee a target’s susceptibility to junk mail
  • An email looking for you to test the effectiveness of spam detected detection services

Follow @1Rtechnologies on Facebook, Twitter, and LinkedIn for the latest tech news and trends.