Office email services have been used to impersonate and scam nearly 6,600 organizations so far this year, according to a study by email security firm Barracuda Networks.

Barracuda found that 6,170 malicious accounts that have used Gmail, AOL and other services have been responsible for more than 100,000 business email compromise (BEC) attacks, which have impacted nearly 6,600 organizations.

Since April 1, these malicious accounts have been responsible for 45% of all BEC attacks detected.

“Essentially, cyber criminals are using malicious accounts to impersonate an employee or trusted partner, and send highly personalized messages for the purpose of tricking other employees into leaking sensitive information or sending over money,” Barracuda said.

Gmail is cyber criminals’ preferred service for malicious accounts. According to the Barracuda study, Gmail accounts for 59% of all email domains used by cyber criminals. Yahoo, the second most popular, accounts for just 6% of all observed malicious account attacks.

The study also found that 295 malicious accounts are used for less than 24 hours, likely to avoid detection and suspension by email providers.

However, it is not unusual for cyber criminals to return to re-use an old email address after a long break. Barracuda also found that cyber criminals often use the same email addresses to attack different organizations.

The number of organizations attacked by each malicious email address ranged from one to 256, the latter impacted in a single mass attack. The number of email attacks sent by a malicious account ranged from one to more than 600 emails, with the average being 19.
