From helpnetsecurity.com
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves.
Lateral phishing tactics
Researchers from Barracuda, UC Berkeley and UC San Diego have studied 180 lateral phishing incidents and have identified the following patterns organizations and individuals should be aware of:
- One in 10 of the lateral phishing attacks succeed
- 42% don’t get reported to the organization’s IT or security team
- 98% of the lateral phishing incidents occurred during a weekday