After running the Barracuda Email Threat Scanner on hundreds of thousands of mailboxes across many customers, we've noticed some very creative and (unfortunately) very successful attacks. One such attack is a new spin on an old phishing email. We've seen this attack with several of our customers, especially in industries that deal with frequent shipping of goods or employee travel, such as logistics, shipping, and manufacturing.
The airline phishing attack using multiple techniques to capture sensitive data and deploy an Advanced Persistent Threat
The airline phishing attack is a combination of two or more attack techniques. The first technique is impersonation. The attacker will either impersonate a travel agency or even an employee in HR or finance that is sending an airline ticket or e-ticket. The email will be constructed to appear inconspicuous to the untrained recipient. Here's an example subject line:
Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.