The number of email spoofing attacks has almost doubled month-on-month, a new report from cybersecurity experts at Kaspersky suggests. According to the firm, the total number of spoofing attacks rose to 8,204 in May, up from 4,440 the month prior.
Several different methods fall under the “email spoofing” category, as Kaspersky says the attack can be conducted in multiple ways.
The easiest method is “legitimate domain spoofing”, where the attacker inserts the domain of the spoofed organization into the “From” header, but criminals are also using “display name spoofing”. In this attack, which usually occurs if a company uses advanced authentication methods, the attacker spoofs the individual sending the email to make it seem as if a real employee is behind the message.
In some scenarios, the attackers go for lookalike domains, which might sound like a simple ruse, but in reality can be difficult to spot. For example, hackers have been known to register domains that combine Latin and Cyrillic letters, which makes the lookalike almost identical to the original.
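As an added illustration (not code from Kaspersky's report), the Python check below inspects a “From” header for two of the patterns described above: a domain label that mixes Latin and Cyrillic letters, and a known employee's display name paired with an address outside the organization's domain. `TRUSTED_DOMAIN`, `EMPLOYEES` and the sample headers are constructed assumptions.

```python
import unicodedata
from email.utils import parseaddr

TRUSTED_DOMAIN = "example.com"   # assumption: the organization's real domain
EMPLOYEES = {"alice smith"}      # assumption: display names of real staff

def scripts(label):
    """Scripts used by the letters of one DNS label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def to_unicode(domain):
    """Decode punycode (xn--) labels so the check sees what the recipient sees."""
    labels = []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # leave undecodable labels as they are
        labels.append(label)
    return ".".join(labels)

def check_from(header):
    """Return a list of findings for one From header value."""
    name, addr = parseaddr(header)
    domain = to_unicode(addr.rpartition("@")[2])
    findings = []
    for label in domain.split("."):
        used = scripts(label)
        if len(used) > 1:
            findings.append("mixed-script label: " + "+".join(sorted(used)))
    trusted = domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)
    if name.strip().lower() in EMPLOYEES and not trusted:
        findings.append("employee display name on untrusted domain")
    return findings

if __name__ == "__main__":
    # Constructed sample headers; \u0430 is CYRILLIC SMALL LETTER A.
    for h in ["Alice Smith <alice@example.com>",
              "Alice Smith <alice@ex\u0430mple.com>",
              "Alice Smith <a.smith@mail.example.net>"]:
        print(h, "->", check_from(h))
```

A header that uses the organization's exact domain passes this check, so legitimate domain spoofing still has to be caught by sender authentication rather than header inspection.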
Although spoofing can be a standalone attack, it's also often used as the first stage of a more complex business email compromise (BEC) attack, Kaspersky explained. These attacks can lead to identity theft and business downtime, as well as significant monetary losses.
“The good news is that there is a range of anti-spoofing protection solutions available and new authentication standards that can keep your business email secure,” said Roman Dedenok, Security Expert at Kaspersky.