ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

Amazon, Microsoft, Adobe amongst top brands impersonated in phishing attacks

By Shannon Williams
Wed 22 Sep 2021

Two million malicious emails bypassed traditional email defences, like secure email gateways, between July 2020-July 2021, according to new data from Human Layer Security company Tessian. 

These emails were detected by inbound email security tool Tessian Defender and, in a first-of-its-kind report, Tessian analysed them to reveal how these attacks slipped past existing controls and the tactics cybercriminals use to carry out advanced spear phishing attacks.

The report revealed that organisations received the most malicious emails in the last three months of the year, with Tessian detecting 45 per cent more malicious emails in October, November and December 2020 versus the quarter before. November 2020 saw the biggest spike, with around 90,000 malicious emails detected in the week of the Black Friday sales. 

Overall, employees received an average of 14 malicious emails per year. However, this number rose dramatically in the retail sector, with employees in this industry receiving the most malicious attacks at 49 on average. Manufacturing employees received the second most at 31, employees in the food & drink industry received 22, research and development employees received 16 and tech employees received 14.

Interestingly, Tessian researchers found that malicious emails are typically delivered around 2 p.m. and 6 p.m. in the hopes that a phishing email will slip through the cracks of a tired or distracted employee. In a previous Tessian report, 45 per cent of employees admitted they had clicked on a phishing email because they were distracted.

When looking at the techniques used to target employees, impersonation tactics like display name spoofing, whereby the attacker changes the sender’s name to someone the target recognises, were used in 19 per cent of malicious emails while domain impersonation, whereby the attacker sets up an email address that looks like a legitimate one, was used in 11 per cent of threats detected by Tessian. Two per cent were account takeover attacks.

The top five brands most likely to be impersonated in the malicious emails detected between July 2020 and July 2021 were Microsoft, ADP, Amazon, Adobe Sign and Zoom - the latter likely spurred on by the shift to remote working.

“Gone are the days of the bulk spam and phishing attacks, and here to stay is the highly targeted spear phishing email. Why? Because they reap the biggest rewards," says Josh Yavor, chief information security officer, Tessian.

“The problem is that these types of attacks are evolving every day. Cybercriminals are always finding ways to bypass detection and reach employees’ inboxes, leaving people as organisations’ last line of defence," he says. 

"It’s completely unreasonable to expect every employee to identify every sophisticated phishing attack and not fall for them. Even with training, people will make mistakes or be tricked. Businesses need a more advanced approach to email security to stop the threats that are getting through - the attacks that are causing the most damage - because it’s not enough to rely on your people 100% of the time.”

Related stories
Top stories
Story image
eCommerce
Online shoppers leaving cart because of high shipping costs - report
New research commissioned by HUBBED reveals 90% of online shoppers abandoned a cart due to high shipping costs, and 64% say the lack of security was a purchase deterrent.
Story image
Dark web
Beware the darkverse and its cyber-physical threats 
A darkverse of criminality hidden from law enforcement could quickly evolve to fuel a new industry of metaverse-related cybercrime.
Story image
Australian Spatial Analytics
Australian Spatial Analytics expands to Melbourne
The data services provider employing neurodiverse people experiences significant growth, gearing up for national expansion.
Story image
Gaming
Attacks on gaming companies more than double over past year
The State of the Internet report shows gaming companies and gamer accounts are at risk, following a surge in web application attacks post pandemic.
Story image
Physical Security
PMT Security awarded sole Australian distribution rights to SmokeCloak
PMT Security will soon become the sole distributor of SmokeCloak in Australia, with the company being awarded the exclusive rights to represent the SmokeCloak brand.
Story image
Microsoft
Spectralink DECT devices now integrated with Microsoft Teams SIP Gateway
Spectralink DECT devices are now integrated with Microsoft Teams SIP Gateway to help create better results for business-critical frontline workers.
Story image
Tablets & laptops
Chromebook and tablet shipments see another rapid decline for the year
According to research from Canalys PC Analysis, Chromebook and tablet shipments have fallen for the fourth quarter in a row for Q2 of 2022.
Story image
i-PRO
VisualCortex and i-PRO partner for enhanced APAC deployments
VisualCortex and i-PRO have partnered to facilitate enterprise-wide Computer Vision technology deployments in APAC.
Story image
Data Protection
Video: 10 Minute IT Jams - An update from SearchInform
Alexey Pinchuk joins us today to discuss the role the company plays in helping organisations manage risk and provide better security outcomes.
Story image
Firewall
Fortinet unveils compact firewall for hyperscale data centres, 5G networks
"Fortinet’s dedication to pushing the boundaries of what is possible in security performance has yielded the most powerful compact firewall yet."
Story image
Wireless
Wave Audio spices up portfolio with first ever party speaker
Australian-based pioneers Wave Audio are enhancing their extensive range of groundbreaking new audio products by adding one of the most versatile speakers on the market to their growing portfolio.
Story image
Wireless
Hands-on review: James Donkey RS4 Knight Wireless Gaming Keyboard
I have always liked mechanical keyboards, and this is no exception. I find the action much easier to use than the modern keyboards with limited travel.
Story image
SAP
Microsoft unveils two new security products to help reduce attack surfaces
The products are set to give companies deeper insights into threat actor activity and help them successfully navigate the changing threat landscape.
Story image
10 Minute IT Jams
Video: 10 Minute IT Jams - An update from Heidrick & Struggles
Graham Kittle joins us today to discuss how the company is helping organisations bring about change within their business.
Story image
Compliance
Why security needs to shape your journey to the cloud
It's estimated that 80% of workloads could be in the cloud in the next few years. How can you make all that data secure?
Story image
Neat
Workplace design a crucial factor for better employee experience - report
The key to a successful workplace could be its design, according to research from Ecosystm and Neat.
Story image
Document Management
TrustRadius gives M-Files two document management awards
TrustRadius has recognised M-Files with both a 2022 Best Feature Set and a 2022 Best Relationship award in document management.
Story image
BAI Communications Australia
BAI Communications to help improve mobile coverage across regional NSW
Deputy Premier and Minister for Regional NSW Paul Toole said regional communities deserve reliable and affordable mobile services.
Story image
First Nations
Google.org and INCO's $750,000 First Nations digitisation fund
INCO has launched its First Australians Digitisation Fund, with support from Google.org, to help organisations using tech to achieve better outcomes for First Nations communities.
Story image
Cybersecurity
Optic Security Group on Australia recruitment drive
Trans-Tasman security integrator looks to meet the twin challenges of high client project demand tight & labour market supply with new opportunities.
Story image
Hybrid Cloud
The essential guide to digital transformation by SolarWinds
Digital transformation is a buzzword thrown around all the time by companies, but what does it actually mean and why is it important? SolarWinds breaks it down.
Story image
Data Protection
Cloud privacy, data protection more complex than on-prem
In the past 12 months, over a third of Australian businesses (36%) experienced a cloud-based data breach or failed audit. 
Story image
Enterprise
Fortinet reports second quarter 2022 financial results
“We delivered strong revenue and billings growth in the second quarter driven by an increase in the number of transactions larger than one million dollars."
Story image
Inde
Exclusive: Inde provides innovative solutions across the tech sector
Inde likes to call its approach the 'power of the collective', which essentially means that if a client approaches the company with a problem, they'll get the team's collective insight to help drive the best outcome.
Story image
Tablets & laptops
Hands-on review: Xencelabs Graphic Display Tablet
Xencelabs seemed to show up out of nowhere on the market. I had no idea who they were or what they were about, but I was very intrigued.
Story image
Home Entertainment
Hands-on review: TCL 65″ C835 Mini LED 4K Google TV
We introduce you today to a TV that brings the height of immersion to your viewing experience: The TCL 65″ C835 Mini LED 4K Google TV.
Story image
Wireless
Wave Audio delivers ultimate immersion with new wireless earbuds
Wave Audio, one of Australia's best new audio brands, has recently released a set of landmark noise-cancelling true wireless earbuds, the Immersive Pro.
Story image
Enterprise Resource Planning / ERP
Exclusive: SYSPRO on how ERP plays a role in Australia's manufacturing investment plan
While there is a significant drive for change, it's really down to execution, and businesses need to be prepared to find the right strategies for them to make full use of the government support.
Story image
Biometrics
AU biometric security company achieves B Corp cert
Australian biometric security firm Daltrey has announced it has become the first cybersecurity vendor in AU to achieve the B Corp certification.
Story image
ACCC
Telstra to address 5G competition concerns by ACCC
The Australian Competition and Consumer Commission has accepted a court-enforceable undertaking from Telstra to address competition concerns with Optus.
Story image
Cheetah Digital
Privacy, data ethics and the ‘seismic shift’ in consumer trust
Aussie consumers have low levels of trust for advertising, but will pay more to purchase from a trusted brand, a new report from Cheetah Digital reveals.
Story image
Tech job moves
Tech job moves - Cohesity, Equinix, IDC, Proofpoint & Xero
We round up all job appointments from July 29 - August 5, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Sustainability
Green hydrogen company Hysata raises AUD $42.5 million
Global investors are supporting Hysata's hydrogen electrolyser technology as the organisation closes its oversubscribed Series A funding round of AUD $42.5 million. 
Wiise
Discover why cloud ERP is central to a growing business' tech stack. Sign up now for free.
Link image
Story image
Mergers and Acquisitions
Netskope acquires Infiot, delivers integrated SASE platform
Converged SASE platform provides AI-driven zero trust security and simplified, optimised connectivity to any network location or device, including IoT.
Story image
Malware
Nozomi Networks Labs identifies impacts on 2022 threat landscape
Nozomi Networks’ latest research finds that wiper malware, IoT botnet activity, and the Russia/Ukraine war have had the biggest impact on the threat landscape in 2022 so far.
Story image
Digital Transformation
Macquarie Telecom rolls out SD-WAN services for mycar Tyre & Auto
Macquarie Telecom says it has rolled out NBN and SD-WAN services to more than 270 mycar Tyre & Auto stores across Australia. 
Story image
Web application firewall
Radware recognised in KuppingerCole’s 2022 Leadership Compass report
Radware has been named a Product, Innovation, Market and Overall Leader in the 2022 KuppingerCole Leadership Compass report for Web Application Firewalls.
Story image
Cybersecurity
More than a fifth of cybersecurity teams ban the use of public WiFi
Verizon’s fifth annual Mobile Security Index report has revealed a continued rise in significant cyberattacks in the last year involving a mobile/IoT device.
Story image
SaaS
Claroty launches new cloud-based industrial cybersecurity platform
The company says Claroty xDome is the industry's first solution to deliver the ease and scalability of SaaS without compromising on visibility, protection, and monitoring controls.
Story image
Gigabit
Keysight Technologies and Nokia’s public test of 800GE success
Keysight and Nokia have successfully demonstrated the first public 800GE test, validating the readiness of next-generation optics for service providers and network operators.
Story image
Identity and Access Management
Pitney Bowes launches rebranded digital visitor management offering in A/NZ
Pitney Bowes has launched Smart Access Management (SAM), its rebranded digital visitor and contractor management offering in Australia and New Zealand.