How Easy Was it for a Routine Phishing Scam to Rock Global Financial Markets?

Posted by Ken Takahashi on

And what can we do to make it less easy?

When an Associated Press journalist’s Twitter account was compromised last Tuesday, reportedly through a phishing attack, the consequences of a common email security breach were felt around the world. Stock markets plunged within seconds of a phony tweet about an explosion at the White House, instantly erasing $136.5 billion of value from the S&P 500 index.

When the story proved false the markets recovered their losses, but the sense of vulnerability remains. How did a routine email scam, one of thousands like it that circulate every day, dupe a sophisticated communications specialist into giving up secure information? The answer may lie in the growing sophistication of email fraud.

Most email users have seen phishing messages. They look like email from trusted senders with links to login, update information, or track orders, ultimately so the scammer can install malware or steal passwords and other information. People are increasingly wary of these scams, but phishing messages are increasingly more convincing. Some look almost exactly like messages subscribers are used to seeing, and more frequently scammers are targeting customers of specific brands. This is spear phishing – exploiting information about the targets (like Twitter handles) to customize phishing messages. As last week’s attack on the AP shows, it works.

Prominent brands, mailbox providers, and technologists are fighting back. One approach to monitoring and combatting phishing attacks uses email authentication and the DMARC standard to detect messages that appear to come from a company’s sending domain (alerts@ProminentBank.com) but can’t be authenticated. Brand owners can direct participating mailbox providers to quarantine or even block these messages from ever reaching subscribers.

When phishing messages appear to come from a domain that isn’t the brand owner’s, either a lookalike (alerts@ProminentBank.com) or an unrelated domain (alerts@Pr0minentBank.com), the authentication-based approach can’t help. But another approach, one that uses big data to analyze massive volumes of email in real-time, can help brands identify this kind of phishing attack.

Introducing a Full-Spectrum Phishing Solution

Because Return Path analyzes more email data than anyone else in the world, we are uniquely positioned to search for patterns and anomalies within the mailstream and apply this approach to detect and mitigate phishing attacks—regardless of what domain they appear to come from. After testing this approach with a number of high-profile brands, we’ve made it publicly available. This means that Return Path can now help brand owners see the full spectrum of phishing and take steps to stop attacks and pursue criminals.

This is an important step toward eradicating phishing because it makes it easier for targets of attacks to see them early, warn their subscribers, and take action. As brand owners and others use available solutions to combat this threat, it becomes vastly harder for fraudsters and hackers to succeed with scams like the one that jolted financial markets last week.


Popular this Month

 3 Trends Impacting Email: Persistent Fraud, Part 2

3 Trends Impacting Email: Persistent Fraud, Part 2

In part one of this three-part series, I examined the evolving landscape of...

Read More

 The Top 16 Topics of 2016

The Top 16 Topics of 2016

2017 is finally here! But before we focus on the year ahead, we wanted to...

Read More

 Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Cyberattacks against your brand can be very damaging and costly to both your...

Read More

Author Image

About Ken Takahashi

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.