{"id":5561,"date":"2019-12-16T21:24:50","date_gmt":"2019-12-16T21:24:50","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5561"},"modified":"2021-05-13T11:25:14","modified_gmt":"2021-05-13T10:25:14","slug":"top-social-engineering-techniques-trending-email","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email","title":{"rendered":"Top Social Engineering Techniques Trending on Email"},"content":{"rendered":"<p>We all know the famous saying, \u201cemail is the number one attack vector.\u201d Is this still true? Unfortunately, yes. The tool we use daily and that businesses rely on to get their jobs done, remains the number one attack vector and one of the easiest targets for social engineering attacks<sup>i<\/sup>. Social engineering continues to be at the forefront of all attacks that target people, with phishing taking lead as the top threat vector for cyberattacks.<\/p>\n<p>Social engineering relies on human interaction and involves manipulating people into breaking normal security procedures and best practices. The goal of these attacks is not always about malware installation. Instead, many are focused on credential theft and duping people into transferring money into rogue accounts.\u00a0These types of attacks aren\u2019t limited to email-based attacks. There are many methods and tactics social engineering can use to manipulate people into sharing sensitive information\u2014from web-based and wireless access point attacks to QRCode generation and phone attacks.<\/p>\n<p>However, in this blog we\u2019ll focus specifically on email and look at the top email-based social engineering techniques trending right now.<\/p>\n<h2>#1 Phishing<\/h2>\n<p>While spam will always be an issue in general, phishing and spear phishing are dominant among social engineering attacks on email\u2014and they continue to grow in sophistication. According to Phishlabs, phishing grew 40.9% in 2018<sup>iii<\/sup>\u200b. Phishing operates on a different model to spam. Rather than low work and high volume, with profit coming from convincing a small group of recipients to pay a certain amount of money, it\u2019s more work and lower volume\u2014with profit coming from convincing a significant proportion of recipients to pay a lot more money.<\/p>\n<p>It\u2019s the higher figures involved that make phishing and spear phishing more profitable for cybercriminals\u2014especially with a lot of businesses using anti-spam solutions today. In a phishing campaign, cybercriminals try to obtain as many email addresses as possible and craft emails to look like official emails from companies. These campaigns normally prompt users to click on a link that takes them to a (fake) site where a request asks them to enter sensitive information\u2014such as account or credit card details. Spear phishing campaigns, however, are carefully tailored to a very specific target (such as a company\u2019s head of payroll or CFO) and often involve requests for very large money transfers to the cybercriminals\u2019 accounts.<\/p>\n<p>The top phishing subject lines seen recently<sup>iv<\/sup>:<\/p>\n<ul>\n<li>\u201cPayment Notification Ref: LK34NKYF\u201d<\/li>\n<li>\u201cAccount deactivation notice\u201d<\/li>\n<li>\u201cMail failure Delivery Notice\u201d<\/li>\n<li>\u201cURGENT\u201d<\/li>\n<li>\u201cPending Package Schedule for Delivery\u201d<\/li>\n<li>\u201cVerify Your Account\u201d<\/li>\n<li>\u201cIncoming Invoice\u201d<\/li>\n<li>\u201cTake action on your PayPal account\u201d<\/li>\n<\/ul>\n<p>As you can see, one of the most common traits among these is urgency. The subject is eye catching in that it creates a sense of panic for the recipient to act. It doesn\u2019t always take a highly targeted phishing attack to be successful.<\/p>\n<h2>#2 Business email compromise<\/h2>\n<p>Business email compromise is the next trending attack. Over $1.2 billion of losses were reported in 2018 due to business email compromise scams<sup>v<\/sup>. \u00a0\u200bSpoofing, baiting, and display name spoofing are all key characteristics of business email compromise. These emails don\u2019t have links but prompt the recipient to take a certain action. Many of these attacks aim to take over an email account, which cybercriminals then use to further propagate other attacks and steal money or sensitive information. There\u2019s a great deal that must occur even after the breach takes place to make it worth the criminal\u2019s while. For example, business email compromises normally involve the fraudulent transfer of funds into an attacker-owned bank account.\u00a0\u200bIf this is unsuccessful, it doesn\u2019t mean the attacker will give up. They may then try to sell the information they stole. This is born out by the fact that Verizon found many business email compromise attacks have a value of zero losses in their most recent Data Breach Investigations report<sup>vi<\/sup>.<\/p>\n<p>Within the field of\u00a0<a href=\"https:\/\/www.solarwindsmsp.com\/products\/mail\/use-cases\/business-email-compromise\">business email compromise<\/a>, we\u2019ve seen a spike in display name spoofing attacks. Attackers are finding it harder to spoof sending domains with a rise in technologies like SPF, DMARC, and DKIM. With display name spoofing, cybercriminals will change their sending display name to be that of an executive (c-level) in the targeted organization. \u200bFor example, an attacker will register a free email account and use any email address. The address will mostly contain the name of the executive they\u2019re trying to spoof. The attacker will then set their display name to match the CEO or executive. When they send their phishing messages to an organization, they\u2019re betting the recipient won\u2019t look at the sending address, and only look at the sending display name. Some recipients may even believe the sending email address is the personal email of the executive. It all seems very real.<\/p>\n<h2>How can you protect against these trending attacks?<\/h2>\n<p>True protection comes with a layered security program. Deploying a professional email security solution is a start in the right direction, but don\u2019t exclude education. Educating users on the different types of attacks\u2014and damaging consequences\u2014should be an integral part of your security strategy and programs.<\/p>\n<p>Interested to learn more about social engineering techniques on email and prevention tips?\u00a0<a class=\"ext\" href=\"https:\/\/pages.solarwindsmsp.com\/social-engineering-webcast-trial.html\" target=\"_blank\" rel=\"noopener noreferrer\">Click here<\/a>\u00a0to watch our webcast: Social Engineering: Prevention Tips &amp; Best Practices.<\/p>\n<p><em>Mia Thompson is product marketing manager, Mail Assure, at SolarWinds MSP.<\/em><\/p>\n<p>&nbsp;<\/p>\n<p><u>Sources<\/u><\/p>\n<ol>\n<li><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/email-a-top-attack-vector-users\/\">\u201cEmail, a Top Attack Vector, Users Can\u2019t ID a Fake,\u201d Infosecurity Magazine.<\/a>\u00a0(Accessed November 2019).<\/li>\n<li><a href=\"https:\/\/info.phishlabs.com\/hubfs\/2018%20PTI%20Report\/PhishLabs%20Trend%20Report_2018-digital.pdf\">\u201c2018 Phishing Trends &amp; Intelligence Report: Hacking the Human,\u201d Phishlabs<\/a>. (Accessed November 2019).<\/li>\n<li><a href=\"https:\/\/info.phishlabs.com\/hubfs\/2019%20PTI%20Report\/2019%20Phishing%20Trends%20and%20Intelligence%20Report.pdf\">\u201c2019 Phishing Trends and Intelligence Report: The Growing Social Engineering Threat,\u201d Phishlabs.<\/a> (Accessed November 2019).<\/li>\n<li>SolarWinds Mail Assure Top Phishing Subjects Report (Published November 2019).<\/li>\n<li><a href=\"https:\/\/pdf.ic3.gov\/2018_IC3Report.pdf\">\u201c2018 Internet Crime Report,\u201d Federal Bureau of Investigations.<\/a>  (Accessed November 2019).<\/li>\n<li><a href=\"https:\/\/enterprise.verizon.com\/resources\/reports\/dbir\/\">\u201c2018 Data Breach Investigations Report,\u201d Verizon<\/a>.\u00a0(Published April 2018).\u200b<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.<\/p>\n","protected":false},"author":47,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5561","post","type-post","status-publish","format-standard","hentry","topic-email"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Top Social Engineering Techniques Trending on Email - N-able<\/title>\n<meta name=\"description\" content=\"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Top Social Engineering Techniques Trending on Email - N-able\" \/>\n<meta property=\"og:description\" content=\"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2019-12-16T21:24:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-13T10:25:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Mia Thompson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mia Thompson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\"},\"author\":{\"name\":\"Mia Thompson\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/bc38305467dc98bb09bc55bea775f1ce\"},\"headline\":\"Top Social Engineering Techniques Trending on Email\",\"datePublished\":\"2019-12-16T21:24:50+00:00\",\"dateModified\":\"2021-05-13T10:25:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\"},\"wordCount\":960,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"articleSection\":[\"Mail\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\",\"url\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\",\"name\":\"Top Social Engineering Techniques Trending on Email - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\"},\"datePublished\":\"2019-12-16T21:24:50+00:00\",\"dateModified\":\"2021-05-13T10:25:14+00:00\",\"description\":\"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Mail\",\"item\":\"https:\/\/www.n-able.com\/pt-br\/blog\/category\/mail\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Top Social Engineering Techniques Trending on Email\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/pt-br?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/bc38305467dc98bb09bc55bea775f1ce\",\"name\":\"Mia Thompson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g\",\"caption\":\"Mia Thompson\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Top Social Engineering Techniques Trending on Email - N-able","description":"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email","og_locale":"pt_BR","og_type":"article","og_title":"Top Social Engineering Techniques Trending on Email - N-able","og_description":"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.","og_url":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2019-12-16T21:24:50+00:00","article_modified_time":"2021-05-13T10:25:14+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Mia Thompson","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Mia Thompson","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email"},"author":{"name":"Mia Thompson","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/bc38305467dc98bb09bc55bea775f1ce"},"headline":"Top Social Engineering Techniques Trending on Email","datePublished":"2019-12-16T21:24:50+00:00","dateModified":"2021-05-13T10:25:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email"},"wordCount":960,"publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"articleSection":["Mail"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email","url":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email","name":"Top Social Engineering Techniques Trending on Email - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br#website"},"datePublished":"2019-12-16T21:24:50+00:00","dateModified":"2021-05-13T10:25:14+00:00","description":"Emails are rife with social engineering attacks. Mia Thompson looks at the most common forms of attack and what MSPs can do to help protect their customers.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/top-social-engineering-techniques-trending-email#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Mail","item":"https:\/\/www.n-able.com\/pt-br\/blog\/category\/mail"},{"@type":"ListItem","position":2,"name":"Top Social Engineering Techniques Trending on Email"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/pt-br#website","url":"https:\/\/www.n-able.com\/pt-br","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/pt-br?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/pt-br#organization","name":"N-able","url":"https:\/\/www.n-able.com\/pt-br","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/bc38305467dc98bb09bc55bea775f1ce","name":"Mia Thompson","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b6a6ab02ed6aac5138ddb30544154dc40aa39952b4b2da4149452b494638e3bb?s=96&d=mm&r=g","caption":"Mia Thompson"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/5561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/users\/47"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/comments?post=5561"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/5561\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/media?parent=5561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}