FireEye has just released research showing that spearphishers increase their attacks during holidays.  This graphic from FireEye shows the number of incoming malicious email attachments that evaded detection by the initial Anti-Virus and Anti-Spam defenses.

FireEye Holiday Attacks

FireEye says that the trend to mount attacks during national holidays suggests that the bad guys are attacking at times when IT operations are lightly staffed, thereby increasing the probability of avoiding detection.  Firewire observed that the national holiday attacks are well-coordinated:

Prior to the start of the actual holiday, attackers appear to experiment with multiple campaigns, as illustrated by the smaller spikes in traffic, leading up to the relative maximal peak. After measuring initial success, their final techniques are refined and corresponding attacks are significantly amplified during the 3 days around the national holiday.

Why isn’t this trend observed over the Christmas holiday?  FireEye believes that the bad guys did not focus on Christmas because very few employees go to work over that period, providing fewer targets to attack.

The FireEye research emphasizes the point that spearphishing attacks the people, not systems.  Employees must be empowered to defend against cyberattacks. When the cyberattacks target the human, the human must be hardened. A tool that hardens the human  is available now from Iconix. That tool is SP Guard from Iconix.

SP Guard Inbox

SP Guard provides the recipient with three confirmations that a message is real:

  1. List View. There is an integrity indicator in the list view of the email client.
  2. Message. The open message has a further indicator of authenticity.
  3. Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.

SP Guard now offers a fraud filtering enhancement.  This additional protection is becoming increasingly important given the latest generation of highly targeted spear-phishing emails which are so well crafted that users cannot tell real from fake.

SP Guard is available now from Iconix.  For further information, contact us at 408-727-6342, ext 3 or use our online form.