In recent months we have seen a significant rise in email account takeover attacks taking place in the UK.
Email account takeover may not be an attack that is regularly featured in media headlines, but it can be devastating for its victims and very hard to spot.
How the attack works
Account takeover attacks involve criminals stealing the login credentials of an employee of an organization, remotely logging in to their account and launching attacks pretending to be them.
The attacks they launch are most commonly phishing campaigns that will often go undetected by security solutions as they appear to be genuine emails.
Over the last few weeks, we have specifically been seeing a large number of mass phishing campaigns that use legitimate compromised accounts from UK based organizations.
In this post, we survey some anonymized examples of these attacks.
Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.