There is no denying that phishing is a huge problem that is continuing to grow. In just the first quarter of 2016, 6.3 million phishing emails were sent out, a 789% increase from the last quarter of 2015. Among those emails, a shocking 93% contained ransomware.
Between the last quarter of 2015 and the first quarter of 2016, there was a 789% increase in phishing emails.
Soft Target Phishing Definition
Soft target phishing is a phishing attack that is a combination of BEC (a subtype of spear phishing) and a mass phishing attack. Instead of targeting a single individual like the BEC, or tens of thousands of people like traditional mass phishing, soft target phishing aims for a few individuals in a specific job category. The emails often include business customizations to make them more convincing.
Soft target phishing combines elements from the business email compromise and general mass phishing attacks.
For example, multiple people in the HR department receive an email with a resume from a job applicant. The email contains a customized message addressing each employee and provides some other information to make the interaction seem legitimate. Since the email seems real, the employees open the attachment, unaware that it contains malware that can now infiltrate the entire company system. This attack is similar to the BEC in that emails are customized with seeming legitimate information. However, these attacks are different because instead of targeting just one individual asking for confidential information, soft target phishing is aimed at a group in a particular job category with malicious attachments.
Why is it so easy?
Chances are you have already had your personal information hacked, especially if you don’t keep your computer software up to date or don’t have advanced email protection. Combine this with the availability of your entire work history on LinkedIn and you have an easy recipe for creating a highly customized spoofed attacks. Soft target emails will generally slip past standard email filtering systems.
Soft target phishing attacks get past normal email filters because they don’t contain the common phishing red flags that these systems can catch.
These emails can get past the filters because they don’t contain the normal red flags that standard filtering systems look for. The emails don’t have suspicious hyperlinks or executable attachments (the type of file typically used for malware). Instead, the emails simply contain a customized written message and an attachment that looks to be just a PDF or Office document. Standard filtering does not have the capabilities to scan the contents of these types of attachments, allowing them through.
Any department in your company could fall victim to phishing attacks. This type of attack, however, tends to target the following departments:
- Human Resources: with all the personal data human resources deals with and has access to, they are an obvious target. A common tactic is to send emails with an attached “resume” from a job applicant. Unfortunately, the “resume” contains ransomware that once opened can infiltrate the company system.
- Billing: since this department receives many emails daily with bill or invoice attachments they are targeted similarly to the HR department. Individuals receive customized emails that make them believe the invoice or bill is legitimate, so they open the attachment, allowing ransomware to enter the system.
- Shipping department: since this department is often in a different location from the main headquarters, it is easy to target these individuals. Since they interact with different people each day they never get a sense of an individual’s email style, so basic skills taught in phishing awareness training aren’t as helpful.
So what is the best solution? Artificial Intelligence Powered email protection.
Vade Secure offers state-of-the-art email security to protect your company from soft target phishing and all other types of email-borne attacks.
- Initial filtering: Emails are analyzed for known phishing and malware signatures, including executable files. This quickly weeds out all spam and mass attacks.
- We read the code embedded not just in executable files but in Office documents, PDFs, and more.
- This in-depth proprietary defense system is bolstered by two complementary anti-virus solutions.
- URL Sandboxing: All URLs are examined to be sure they do not link to malware, phishing sites, or any other malevolent site. Unlike most URL exploration engines, Vade Secure e