
You are always vulnerable to phishing attacks. If you are not careful, you may be the next victim of these email scams.
If the current efforts of data scientists reach their logical conclusion, effective detectors that identify and stop lateral phishing attacks will soon be on the market.
The Data Science Institute at Columbia has developed a prototype of a machine-learning-based detector that automatically detects and stops lateral phishing attacks.
Scams that target users from compromised email accounts within an organization, better known as lateral phishing attacks, are on the rise everywhere in the world. In the past, attackers sent phishing scams from outside email accounts. Now they use email accounts within the organisation to launch internal phishing mails.
And when a phishing email comes from an internal account, the vast majority of email security systems can’t stop it. Existing security systems largely detect cyber attacks that come from the outside, relying on signals like IP and domain reputation. But this does not work when the email comes from an internal source.
The newly developed detector uses several features to stop attacks, including whether the recipient deviates from the people an employee would usually communicate with, whether the email’s text is similar to other known phishing attacks, and whether the link is anomalous. The detector can detect the vast majority of these attacks with a high precision rate and a low false positive rate: under four false positives for every one million employee-sent emails.
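The three signals described above, as an added illustration that is not the researchers' detector: fixed thresholds stand in for the trained machine-learning model, and every function name, threshold and sample email here is a constructed assumption.

```python
import re
from collections import Counter
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s>\"']+")

def tokens(text):
    return set(re.findall(r"[a-z]+", text.lower()))

def recipient_novelty(sender, recipients, history):
    """Fraction of recipients this sender has never emailed before."""
    known = history.get(sender, set())
    return sum(r not in known for r in recipients) / len(recipients) if recipients else 0.0

def text_similarity(body, known_phish):
    """Highest Jaccard overlap between the body (links removed) and known phishing text."""
    words = tokens(URL_RE.sub(" ", body))
    best = 0.0
    for sample in known_phish:
        other = tokens(sample)
        if words | other:
            best = max(best, len(words & other) / len(words | other))
    return best

def rare_link(body, domain_counts, min_seen=5):
    """True if any linked domain appeared fewer than min_seen times in past mail."""
    hosts = (urlparse(u).hostname for u in URL_RE.findall(body))
    return any(domain_counts[h] < min_seen for h in hosts if h)

def score(email, history, known_phish, domain_counts):
    feats = {
        "novelty": recipient_novelty(email["from"], email["to"], history),
        "similarity": text_similarity(email["body"], known_phish),
        "rare_link": rare_link(email["body"], domain_counts),
    }
    # Illustrative rule, not learned: an unusual link plus one other signal.
    feats["flag"] = feats["rare_link"] and (feats["novelty"] >= 0.5 or feats["similarity"] >= 0.3)
    return feats

# Constructed sample data (not from the study).
HISTORY = {"alice@example.com": {"bob@example.com", "carol@example.com"}}
DOMAIN_COUNTS = Counter({"docs.example.com": 40})  # Counter yields 0 for unseen domains
KNOWN_PHISH = ["your mailbox is full verify your account now to avoid suspension"]
BENIGN = {"from": "alice@example.com", "to": ["bob@example.com"],
          "body": "Notes from the meeting are at https://docs.example.com/notes"}
PHISH = {"from": "alice@example.com",
         "to": ["dave@example.com", "erin@example.com", "bob@example.com"],
         "body": "Your mailbox is full, verify your account now: http://mail-verify.example.net/login"}
print([score(m, HISTORY, KNOWN_PHISH, DOMAIN_COUNTS)["flag"] for m in (BENIGN, PHISH)])
```

None of these signals depends on sender IP or domain reputation, which is why they still apply when the sending account is internal.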
The research team analyzed a dataset of 113 million employee-sent emails from nearly 100 businesses. They also characterized 147 lateral phishing incidents, each of which involved at least one phishing email. The study was conducted jointly with Barracuda Networks, a network security company that provided data on its customers to the researchers with the goal of developing a detector for lateral phishing.