Over 90 Percent of Targeted Attacks Derived from Spear Phishing Emails, According to Trend Micro

   Over 90 Percent of Targeted Attacks Derived from Spear Phishing Emails,
                           According to Trend Micro

New threat research released by Trend Micro gives empirical evidence that an
aggressive breed of phishing attacks is well underway; more than ever,
companies need better threat detection capability and superior "custom"
defenses when it comes to their email security.

PR Newswire

CUPERTINO, Calif., Nov. 28, 2012

CUPERTINO, Calif., Nov. 28, 2012 /PRNewswire/ -- In its analysis of targeted
attack data collected between February and September this year, global cloud
security leader Trend Micro (TYO: 4704;TSE: 4704) found that 91 percent of
targeted attacks involved spear phishing. This finding reinforces the
company's stance that these attacks often begin at a very simple point of
contact – an email message that is cleverly crafted to entice a specific
individual to either open a malicious file attachment or to click a link to a
malware- or an exploit-laden site, starting a compromise within the victim's
network. Spear phishing – coined as a direct analogue to spearfishing – is a
new breed of highly targeted phishing that makes the use of information about
a target to make attacks more specific and "personal" to the target. Spear
phishing emails, for instance, may refer to their targets by their specific
name, rank, or position instead of using generic titles as in broader phishing

According to the report, "Spear Phishing Email: Most Favored APT Attack Bait,"
94 percent of targeted emails use malicious file attachments as the payload or
infection source. The remaining 6 six percent use alternative methods such as
installing malware through malicious links that download malicious files. The
reason for this huge discrepancy is straightforward: Employees in large
companies or government organizations normally share files (e.g., reports,
business documents, and resumes) via email since downloading materials
straight off the Internet is regarded as insecure.

Notable highlights from the report:

  oThe most commonly used and shared file types accounted for 70 percent of
    the total number of spear phishing email attachments during the monitored
    time period. The main file types were: .RTF (38 percent), .XLS (15
    percent), and .ZIP (13 percent). Alternatively, executable (.EXE) files
    were not as popular among cybercriminals, most likely because emails with
    .EXE file attachments are usually detected and blocked by security
  oThe most highly targeted industries are government and activist groups.
    Extensive information about government agencies and appointed officials
    are readily found on the Internet and often posted on public government
    websites. Activist groups, highly active in social media, are also quick
    to provide member information in order to facilitate communication,
    organize campaigns or recruit new members. These habits elevate member
    profiles, making them visible targets.
  oAs a result, three out of four of the targeted victims email addresses are
    easily found through web searches or using common email address formats.

Trend Micro offers the most comprehensive, "first line of defense" email
security against spear phishing attacks

Based on Trend Micro's on-going research surrounding APTs (advanced persistent
threats), organizations must be able to detect and block spear phishing
attempts as its first line of defense against targeted attacks. As part of its
Custom Defense against APTs launch in October, Trend Micro bolstered its suite
of email security solutions to not only stop traditional threats, but also to
identify highly targeted, acute email attacks. By integrating with the new
Trend Micro™ Deep Discovery hardware appliance, a solution that delivers
network-wide threat detection, custom sandboxing, and advanced threat analysis
into a single platform, Trend Micro provides leading capabilities in both
traditional filtering and specialized threat detection in a single email
security layer.

Unlike standard email security solutions that are unlikely to detect spear
phishing emails associated with APTs, Trend Micro's email security products
automatically send suspicious attachments to Deep Discovery for analysis in
customer-defined sandboxes and blocks spear phishing emails in-line. Beyond
email threat detection and protection, Deep Discovery automatically issues
custom security updates to other security layers throughout the organization's
network. Moreover, it correlates local findings with Trend Micro's global
threat intelligence to help security departments fight back against their
attackers – offering detailed information about the specific attack and the
attackers: the nature and extent of the attack, and who is behind it. This
custom insight enables organizations to better respond and protect against
further attack.

Trend Micro's email security products that are equipped with spear phishing
protection include:

  oTrend Micro™ ScanMail™ for IBM™ Lotus™ Domino 5.5 – available now
  oTrend Micro™ ScanMail™ for Microsoft™ Exchange 10.2 SP2 – available at end
    of December
  oTrend Micro™ InterScan™ Messaging Security 8.2 SP2 – available at end of

The full report, "Spear Phishing Email: Most Favored APT Attack Bait," is
available here:

About Trend Micro

Trend Micro Incorporated (TYO: 4704;TSE: 4704), a global cloud security
leader, creates a world safe for exchanging digital information with its
Internet content security and threat management solutions for businesses and
consumers. A pioneer in server security with over 20 years' experience, we
deliver top-ranked client, server and cloud-based security that fits our
customers' and partners' needs, stops new threats faster, and protects data in
physical, virtualized and cloud environments. Powered by the industry-leading
Trend Micro™ Smart Protection Network™ cloud computing security
infrastructure, our products and services stop threats where they emerge –
from the Internet. They are supported by 1,000+ threat intelligence experts
around the globe.

Additional information about Trend Micro Incorporated and the products and
services are available at Trend Micro.com. This Trend Micro news release and
other announcements are available at http://newsroom.trendmicro.com/ and as
part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter
at @TrendMicro.

SOURCE Trend Micro Incorporated

Website: http://www.trendmicro.com
Contact: Andrea Mueller, Trend Micro, Public Relations,
Press spacebar to pause and continue. Press esc to stop.