Phishing attacks spike just before the holidays: Are you prepared?
As the holidays approach, distracted workers are rushing to wrap up their work before the holiday break, and cybercriminals are ready to take advantage.
In Volume 1 of Spear Phishing: Top Threats and Trends, Barracuda researchers looked at the number of attacks before, during, and after the holidays. They saw a spike in attacks in the days leading up to the holiday, and then a significant drop-off during the actual holidays when many workers are out of the office.
Seasonality dramatically impacts the number of spear-phishing attacks. Cybercriminals try to exploit security weaknesses and other potential vulnerabilities around holidays and other events, such as tax season. As the chart above shows, the week before Christmas, the number of spear-phishing attacks spiked to more than 150% above average. The number of attacks dropped significantly in the weeks after the holiday.
Cybercriminals know the end of the year is flooded with a lot of activity, including email communications, and try to take advantage by launching attacks at distracted and busy employees. IT and security staff resources are typically stretched at the holidays, as many people take vacation time, and they may not be as vigilant or have as much time to monitor potential phishing attacks. Cybercriminals try to exploit this temporary weakness in security. Scammers deliberately target seasonal workers, contractors and other temporary employees, who can be less familiar with company business practices and security policies and more likely to fall victim to an attack.
Since hackers tend to target employees during the work week and business hours, we expect to see this pattern repeat this year.
Impact of remote work
For businesses, these issues will be even more prevalent and concerning this year given that so many people are working remotely. Many organizations struggled this year. Some had to reduce their IT or security resources or were unable to replace them. Others had to cut their security budget or delay planned investment in better security. Employees are still distracted and fatigued from remote working, and the number of attacks is always increasing from year to year. What’s most concerning this year, though, is the fact that these attacks are likely to have a higher success rate because of COVID-19 and the impact it has had on the workforce. Organizations need to train their employees so the success rate of these attacks doesn’t increase as well.
How to protect against email attacks
Here are some steps you can take to protect your business, even on a limited budget:
- Educate employees. If you don’t have budget, you can always design a program in-house. There are a lot of free resources provided by local governments, law enforcement, security vendors, the SANS Institute and others.
- Review internal policies. Set up policies around payment, wire transfers, data sharing and sending confidential data outside of the organization.
- Revoke access for seasonal workers and contractors immediately after termination or expiration of their contract. Limit data and privileged access to only those individuals who need it.
- Encourage your employees to keep up with security updates. We are all guilty of clicking ‘remind me later’ when a security update pops up; remind your users that these updates include important patches for security vulnerabilities and should be installed as soon as possible.