Security company Fireye has release a list of the most common words and phrases that appear in faked emails designed to infect corporate networks and steal data.
They spotlight the social engineering techniques that feature as a key component of “spear phishing attacks”. Hackers tend to use words that create a sense of urgency in an attempt to trick unsuspecting recipients into downloading malware files. The top word category related to courier service such as “DHL” and “UPS” and urgent keywords such as “notification” and “alert”. Email-based attacks increased 56 per cent between Q1 2012 and Q2 2012, according to FireEye.
Cyber-criminals are also fond of baking-related words, such as the names of financial institutions and an associated transaction such as “Bank of America Login”, and tax-related words, such as “Tax_Refund.zip”.
Attackers use zip, PDF and executable files in order to hide malicious code in attacks ultimately aimed at gaining access to corporate networks before stealing intellectual property, customer information, and other valuable data.
Protect your company against cyber attacks with Tiro Security, a leading provider of Infosec jobs located in the heart of Silicon Beach in Los Angeles, CA.