What is barrel phishing?
Also referred to as “double-barreled” phishing, barrel phishing is a more sophisticated form of phishing that involves two emails. The first email—often referred to as the “bait email”—attempts to establish a relationship with the recipient or trick them into believing the sender is a trusted source. Once the recipient’s guard is lowered, they’re sent a follow-up email where the actual phishing occurs, usually in the form of malicious links.
These advanced phishing attacks often surprise employees who do not pay attention to the following emails.
In this example of a barrel phishing attack, Hackers sent fake Dropbox emails to victims. These emails claimed that a file a colleague sent needed to be viewed in Dropbox because it was too large to be attached. Once users clicked the link, they were directed to a counterfeit Dropbox login page. It was a convincing replica of the normal login page; however, the URL was not a Dropbox destination.
Another example of barrel phishing: your name is Bob and you work for Joe Smith, your company’s CEO. A spear phisher sees you on LinkedIn and notices that you’re friends with Joe. He follows you on Facebook and learns about your favorite sports teams and reads about a project you’re working on at the office. The attacker then creates an email account under the name email@example.com. While real Joe is on vacation—information that the phisher has gleaned from Facebook—fake Joe sends you an email that says, “Ugh, Bob… I am on vacation, but I need a wire transfer of $100,000 to a contractor in China for our project. Please take care of it right away. Here are the wiring instructions.” If you’re not paying close attention, you might complete the fund transfer.
How to prevent barrel phishing
Employee awareness and training are key to preventing barrel phishing. Because these particular attacks are led long-term, employees need to pay attention to the history of conversations, context and content of emails.
The implementation of an anti-spear phishing software can help you automatically detect and block suspicious emails so your employees are never put in a dangerous situation.
Vade’s spear phishing prevention technology uses artificial intelligence, including Anomaly Detection and Natural Language Processing, to identify impersonation attempts and malicious patterns in spear phishing emails.