The new threat relates to a new worm phishing tactic that has caused a wave of account takeovers, as reported by ZDNet. The virus results in phishing emails being sent as replies to genuine emails.
To understand more about the threat, Digital Journal spoke with Will LaSala, Security Evangelist and Senior Director of Global Security Solutions, OneSpan.
LaSala begins by looking at the specific threat posed by the virus: “Worms are always difficult to mitigate because they gain access to accounts and then automate their way to create duplicates of themselves. As with any automated attack, they are built around performing the same function every time they infect a new host or find a new set of credentials. This can actually help back-end fraud systems used by financial institutions and other organizations because it creates a pattern that can be quickly and easily picked up by anti-fraud systems that leverage artificial intelligence and machine learning technologies.”
In terms of preventative actions, LaSala recommends: “To stop the attack in the first place, email users must enable more secure forms of authentication, such as multi-factor authentication (MFA) with push technology. Username and static password or even username and SMS OTP are not strong enough today. People should use secure push or secure external OTP via an app to protect their email accounts. If possible, they should use push OTP with context, so they know exactly what the authentication request will be used for.”
The expert concludes that: “The key takeaway for organizations and security professionals is that by combining stronger authentication with the ability to automatically detect attack patterns using AI-powered fraud systems, worms are less likely to be successful.”
