Security News > 2020 > June > Understanding the Payload-Less Email Attacks Evading Your Security Team

To boot, the payload-less nature of these BEC attacks evades detection from traditional email security solutions.
Unsurprisingly, over the past few weeks the Abnormal Security Research Team has observed that the majority of email attacks have a COVID-19 related element.
Attacks have included COVID-19 vaccine donation scams, WHO donation scams, COVID-19 medication scams, stimulus payment attacks and Zoom malware attacks preying on job-layoff fears.
While some email security solutions may detect these attacks these attacks are difficult to reliably catch.
According to the Abnormal Security Research Team, 69 percent of payload-less attacks impersonate someone the recipient knows; while employees are 17 times more likely to engage with a payload-less attack email than they are with with other types of phishing and spam.
News URL
https://threatpost.com/understanding-payload-less-email-attacks/156299/
Related news
- ClickFix attack delivers infostealers, RATs in fake Booking.com emails (source)
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)