By Asaf Cidon, VP Email Security, Barracuda Networks
Account takeover is one of the biggest threat vectors in the cybersecurity industry today. More and more organisations are getting hit, as attackers move away from phishing emails to the more lucrative targeting of business executive accounts.
In 2019, the level of personalisation in these attacks will reach new heights:
An attacker will know when an executive is on a ﬂight and not on email, and will choose then to target one of their subordinates by impersonating the executive;
An attacker will know that their target is going to make a big purchase and will jump in right before the transaction takes place to redirect the funds or change the order information.
These are two examples of how attackers will up the ante by making account takeovers and email attacks so personalised that even the most savvy of targets can be fooled.
In that vein, a big problem in cybersecurity that will grow even bigger is that of identity — how do we know if someone is really who they say they are? This challenge will be exacerbated as more organisations continue to move to the cloud and remote logins become more common.