(MENAFN- B2Press) cyber Attackers Accelerate Their Activities During the Discount Week in November, Including Black Friday and Cyber Monday. Cyber attackers have ramped up their activities during the last week of November, which is globally celebrated as Discount Week, covering Black Friday and Cyber Monday. Global reports reveal that phishing attacks during this discount week increased by 692% compared to the beginning of the month. However, one in four people clicks on these fake links, and 15% of employees enter their credentials.
Cyber attackers were active during the last week of November, which includes Black Friday and Cyber Monday, often referred to as“Fantastic Friday,”“Legendary Friday,” and“Great Friday.” Cyber threat groups took advantage of this peak online shopping season. Recent data shows a rise in fake emails impersonating corporate brands during this period. A study on this year's discount week reveals that phishing attacks via email increased by 692% during the last week of November compared to the start of the month.
Ramin Karimkhani, Head of the Cybersecurity Team at Privia Security, which provides cybersecurity services and information security consulting to corporate companies, said:“Periods when consumers are chasing discounts offer unique opportunities for cyber attackers. Attackers can steal critical information from victims by impersonating the brand identities of popular brands or retailers running discount campaigns through phishing attacks.”
Fake Emails Surpass 1.3 Million in Six Months
An analysis conducted by Privia Security, which specializes in cybersecurity consulting and uses its Social Engineering Test product with 250 corporate clients, demonstrated that fake emails are a highly successful attack method. According to the data, over the last six months, more than 1.3 million fake emails were sent to the email addresses of 250 local and global corporate clients. The analysis of data from companies using Privia Security's Social Engineering Test services to increase in-house awareness and cybersecurity maturity showed that approximately 74% of employees opened and read these emails, and 25% clicked on the fake links.
Ramin Karimkhani emphasized that the data from six months of email traffic shows alarming signs in email security.“More than 990,000 fake emails were opened and read by corporate employees. One in four people clicked on these fake links, and 15% of employees entered their credentials. The high tendency of users to mistake fake content for real and the limited ability to detect malicious links pose critical risks for businesses. Fortunately, these fake emails are sent as part of a specific plan and strategy to raise awareness within organizations. We hope that awareness efforts will lead to better results,” he said.
Malware Execution Rate at 6%
Ramin Karimkhani, Head of the Cybersecurity Team at Privia Security, highlighted that the analysis shows email security remains a significant vulnerability. "In addition to the striking percentage of users who fail to distinguish fake emails, open them, and enter credentials, we found that the malware execution rate is at 6%. Three out of every 50 people open malware via a fake email and allow the software to enter their system. This study highlights that phishing attacks, one of the oldest cyber attack methods in internet history, are still largely successful, and the lack of awareness regarding information security has reached worrying levels. For example, you receive a fake email claiming to be a phone bill, and to view the amount, you are asked to click on a link. Once clicked, malicious software is installed into the system within seconds,” he explained.
Artificial Intelligence Strengthens Cyber Attackers' Hand
Ramin Karimkhani pointed out that it becomes more difficult for cybersecurity and IT teams to monitor and take preventive measures during busy discount and campaign periods, as email traffic is at its peak. "A single employee's carelessness or lack of awareness can lead to millions of dollars in losses or significant reputation damage for companies. For example, ransomware and fraud: A company working with critical data failing to protect its clients' or users' data and having that data leaked for ransom is highly damaging to its reputation. The solution to prevent this is increasing information security awareness across all levels of the organization. With the development of technologies like generative AI, which can highly mimic real-world examples, the risk is growing even further. Cyber attackers are gaining strength with technologies such as artificial intelligence, making it imperative for businesses to take proactive steps and treat email security seriously," he said.
First Simulation, Then Training
Ramin Karimkhani, Head of the Cybersecurity Team at Privia Security, mentioned that in addition to its cybersecurity service portfolio, the company also invests in R&D to develop its own products for areas where additional solutions are needed. He concluded his remarks by saying:
"At Privia Security, we provide our clients with analysis through the software and services we have developed, and make it easier to measure their cybersecurity maturity with simulations. With a test we offer as part of our Social Engineering APT Test service, we simulate phishing attacks and uncover businesses' cybersecurity maturity report cards. Based on this report card, we create action plans and design and implement training programs to increase digital security awareness for our clients. We developed the product we use for this service entirely with our own resources and made it available to our clients. All businesses that want to prepare for a future dominated by technology and artificial intelligence can benefit from Privia Security's expertise."
Contact: Tülay Genç | [email protected] | +31 30 799 6022
MENAFN24122024007075015205ID1109027434
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.