Hackers Use Gmail Accounts to Execute Baiting Attacks
A Bait Attack is a Method Used by Hackers to Collect Useful Info About Potential Victims.
Last updated on November 12, 2021
As the frequency of bait attacks, also known as reconnaissance attacks, increases, it seems that cybercriminals who send this type of phishing email choose to run their operations using Gmail accounts.
According to a survey conducted by Barracuda experts, almost 40% of the 10,500 businesses analyzed were targeted by at least one bait attack in September 2021, with each company receiving one of these emails in an average of three different mailboxes.
What Is a Baiting Attack?
A threat actor uses a baiting attack to just gather information about an individual or corporation in order to plan future attacks. Bait attacks are typically delivered in the form of emails with very short or even empty content.
The purpose of this type of attack is merely to verify the existence and accessibility of the receiver’s email, which is achieved if the threat actor receives a no “undeliverable” notification or, better yet, gets an answer from the target. Another goal is to test the effectiveness of automated spam-detection solutions.
Traditional phishing detectors struggle to defend against this class of threats because they contain little text and no phishing links or malicious attachments.
It’s important to note that potential victims don’t even have to respond to these email messages to verify that they’re vulnerable to email-based attacks. It is recommended that whenever you receive this type of email, send it right to trash without reading it.
For example, you may want to consider HeimdalTM Security’s Heimdal™ Email Fraud Prevention, the ultimate email protection against financial email fraud, C-level executive impersonation, phishing, insider threat attacks, and complex email malware. How does it work? By using over 125 vectors of analysis and being fully supported by threat intelligence, it detects phraseology changes, performs IBAN/Account number scanning, identifies modified attachments, malicious links, and Man-in-the-Email attacks. Furthermore, it integrates with O365 and any mail filtering solutions and includes live monitoring and alerting 24/7 by our specialists.
As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.