AMD fixes dozens of Windows 10 graphics driver security bugs
Void Balaur hackers-for-hire sell stolen mailboxes and private data
Russian ‘King of Fraud’ sentenced to 10 years for Methbot scheme
Windows 10 App Installer abused in BazarLoader malware attacks
QBot returns for a new wave of infections using Squirrelwaffle
FTC shares ransomware defense tips for small US businesses
These are the top-level domains threat actors like the most
Microsoft warns of surge in HTML smuggling phishing attacks
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing emails prefer to use Gmail accounts to conduct their attacks.
According to a report by Barracuda, who surveyed 10,500 organizations, 35% of them received at least one bait attack email in September 2021 alone.
A “bait attack” is a sub-class of phishing where threat actors attempt to gather basic information about a specific target and use it for more targeted and effective attacks in the future.
It is a preparatory reconnaissance step that seldom comes with payloads or embedded links on the email body.
Although some of these emails contain a basic question or something that has higher chances of receiving a response, many don’t include any text at all.
While it may be strange to send an almost empty email, the threat actors are using them with the following goals:
Since these emails don’t include any links to phishing sites and don’t carry any attachments, they usually pass through phishing defense systems as they are not seen as malicious.
Barracuda’s stats show that 91% of all these bait emails are sent from newly-created Gmail accounts, while all other email platforms account for just 9%.
This preference is because Gmail is a very popular service that people associate with legitimacy and trustworthiness.
The same applies to email security solutions that treat Google’s email service as a highly reputable one.
Moreover, Gmail is a platform that allows the quick and easy creation of pseudonymous accounts without much fuss.
Finally, Gmail supports “read receipt” functionality, which tells the actors that the recipient opened the message even if they never replied.
This stealthily fulfills the purpose of the baiting attack, which is to confirm that the mailbox is valid and actively used.
Barracuda decided to experiment by replying to these baiting emails, which aren’t supposed to initiate the phishing process.
Within 48 hours, the security firm employee received a targeted phishing attack used after a false Norton LifeLock purchase claim.
This quick response demonstrates the readiness of the actors and the tight connection between these innocuous-looking empty emails and fully-fledged phishing attacks.
Remember, one doesn’t even have to reply to these emails to confirm that they are available for potential exploitation, so if you see one, delete it without opening it.
However, replying puts the victim in a higher priority category for the actors, as users who respond to bait emails are typically more susceptible and easier to exploit.
DocuSign phishing campaign targets low-ranking employees
Google warns 14,000 Gmail users targeted by Russian hackers
These are the top-level domains threat actors like the most
Windows 10 App Installer abused in BazarLoader malware attacks
Void Balaur hackers-for-hire sell stolen mailboxes and private data
Not a member yet? Register Now
Microsoft: New security updates trigger Windows Server auth issues
HPE says hackers breached Aruba Central using stolen access key
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Beware: Free Discord Nitro phishing targets Steam gamers

CISA orders federal agencies to fix hundreds of exploited security flawsUS sanctions…

macOS Monterey update causes some Macs to become unbootable

FBI: Ransomware targets companies during mergers and acquisitionsAndroid November patch fixes actively…

Sitecore XP RCE flaw patched last month now actively exploited

State hackers breach defense, energy, healthcare orgs worldwideMediaMarkt hit by Hive ransomware,…

These invisible characters could be hidden backdoors in your JS code

Microsoft urges Exchange admins to patch bug exploited in the wildMicrosoft November…