News junkies make great targets

Sourcefire explains how cyber criminals are evolving their approach to elicit clicks from users

Tags: Cyber crimeSourcefire (
  • E-Mail
News junkies make great targets Anthony Perridge, EMEA channel director, Sourcefire.
By  Anthony Perridge Published  April 21, 2014

As Internet users become more attuned to well-known spamming and phishing attacks, cyber criminals have to invent new ways to lure them into opening a malware-laden email or clicking on a link that goes to a malicious website.

As an avid newsreader myself, I know I'd be much more likely to click on a headline like "President Obama in talks with Russian Leaders" or "Global flu pandemic concerns reach all time high" than on an email of cute kitten pictures.

Unfortunately, the truth remains that individuals are a weak link in the battle against cyber criminals. Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target's systems.

The 2013 Verizon Data Breach Investigations Report finds that sending just three emails per phishing campaign gives the attacker a 50% chance of getting one click. With six emails the success rate goes up to 80% and at 10 it is virtually guaranteed. Social media helps spur success, enabling cyber criminals to gather information about us so they know how to more effectively entice targets to click on that malicious email.

We know that security as a people problem is not going away anytime soon, and the advent of the Internet of Everything is going to make this even more of a problem. Not only will users be able to inadvertently expose their systems to malware from their laptops and tablets, they will also be able to click on links from their smartwatches, cars, etc. It won't take long once that malware is on their device for it to proliferate across the entire network and any connected devices, simply from a seemingly trusted news link sent from a "friend's" email address.

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code