What are “bait attacks” and how to recognize them

“Bait” attacks are on the rise, and scammers who send this special species phishing emails prefer to use Gmail accounts for attacks, warns Barracuda.

According to the report of this American company, which surveyed 10,500 companies, 35% of them received at least one such email in September 2021 alone.

“Bait attack” is a special method of phishing where cyber criminals investigate potential victims in order to gather information that will help them make the attack successful.

This preparatory step is a kind of reconnaissance that rarely involves malware or a link in the email, which is why such emails successfully bypass the security systems of the email provider.

Although it may be strange to send almost empty emails, cybercriminals often send just such emails, possibly with a question or something that has a better chance of getting an answer, and the reason they send such emails is to determine if the recipient’s email address is valid. whether it is actively used, to involve the victim in a conversation that could lead to the victim transferring money to the account of cybercriminals or giving them his password. By the way, in this way, cyber criminals test the effectiveness of automated solutions for detecting spam.

Since these messages do not contain any links to phishing sites or attachments, they usually go through phishing defense systems because they are not considered malicious.

Barracuda statistics show that such emails are sent from newly opened accounts of free email services such as Gmail, Yahoo and Hotmail, but mostly from Gmail accounts (91%), while all other platforms are represented by only 9%. The reason for this is that Gmail is a very popular service that people perceive as legitimate and reliable.

The same goes for security solutions that treat Google email service as a service with a very good reputation.

In addition, Gmail is a platform that allows you to quickly and easily create an account with a pseudonym without much hassle.

Finally, Gmail supports the “read confirmation” feature, which tells senders that the recipient has opened the message even if they don’t reply.

This fulfills the purpose of the byte attack, which is to confirm that the email address is valid and to be actively used.

Cybercriminals also take care not to send too many emails from their accounts to bypass detectors that register malicious behavior based on large numbers or anomalies.

Barracuda experimented by responding to these byte emails. The Barracuda research team responded to an email titled “Hi,” without any content. Within 48 hours of responding to this email, a phishing attack occurred on an employee of the company who received an email allegedly from Norton.

This quick response proves the connection between these seemingly harmless blank emails and phishing attacks.

Note that you do not have to reply to these emails, so if you see such an email, delete it without opening it. Responding to such an email puts the victim in a higher priority category for cybercriminals, because users who respond to such emails are usually more susceptible to fraud and easier to use.

Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!