In 91 Percent of All Baiting Email Operations, Gmail Accounts Are Used

In 91 Percent of All Baiting Email Operations, Gmail Accounts Are Used

Bait attacks are increasing, and it appears that those that send this type of phishing email prefer to execute their operations using Gmail accounts. According to a Barracuda research based on a survey of 10,500 businesses, 35% of them got at least one bait attack email in September 2021 only.

A “bait attack” is a type of phishing in which threat actors seek to obtain basic information about a specific target to use it in subsequent attacks that are more focused and successful. It’s a reconnaissance stage that doesn’t usually include payloads or embedded URLs in the email body. There are no links to phishing websites in these emails, and there are no attachments. It helps them quickly pass-through phishing defense systems.

According to Barracuda’s statistics, 91 percent of all bait emails are sent from freshly formed Gmail accounts, with the rest of the email platforms accounting for only 9%. This preference stems from the fact that Gmail is a well-known service that people identify with legality and reliability.

The same may be said for email security solutions that regard Google’s email service as trustworthy. Furthermore, Gmail is a platform that enables the rapid and painless establishment of pseudonymous accounts.

Finally, Gmail has “read receipt” capability, which informs the actors that the receiver of the message has opened it even if they have not responded. This accomplishes the baiting attack’s goal of confirming that the mailbox is live and genuine in a stealthy manner.

Barracuda decided to test the concept by responding to the baiting emails, which aren’t meant to start the phishing process in the first place. After a fake Norton LifeLock purchase claim, the employee of the security business got a targeted phishing attempt within 48 hours.

This swift response reveals the perpetrators’ preparation and the close link between these seemingly harmless empty emails and full-fledged phishing attempts. Remember that you don’t have to react to these emails to affirm that they are available for possible exploitation, so if you receive one, delete it without opening it. On the other hand, responding elevates the victim’s status in the eyes of the actors, as individuals who respond to bait emails are often more vulnerable and simpler to abuse.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.