Home News Most Phishing Emails Originate from Eastern Europe: Barracuda

Most Phishing Emails Originate from Eastern Europe: Barracuda

Barracuda researchers examined more than two billion emails to trace the geolocation of phishing attacks.

“PerSwaysion” Phishing Campaign Targets High-Ranked Professionals Across The Globe, IKEA email reply-chain attack

Phishing attacks remain a severe threat to small and large organizations globally. It is the most common and popular technique for cybercriminals to pilfer user credentials, commit fraud schemes, and spread malware.

A Juvenile form of attack

Phishing attacks may seem like a low-level cybercrime, but they are well-orchestrated and capable of exploiting a large group of users’ security or an entire organization’s security.    From finding potential targets and creating phishing lures to stealing data, cybercriminals are constantly enhancing their phishing skills. Usually, a common method used by hackers in their phishing emails is encouraging the potential victim to click/open a malicious link or an attachment as matter of urgency.

Who is at fault – humans or technology?

Despite constant security awareness sessions, employees still fall victim to phishing emails. This is because hackers use sophisticated social engineering techniques to trick victims into doing the required task. Humans are the weakest link in any security chain. A single negligent or careless act of an employee can put the entire company’s network into the hands of cybercriminals.

The Phishing Geography A joint analysis from Barracuda and Columbia University found that the majority of phishing emails originate from countries in Eastern Europe, Central America, the Middle East, and Africa. The researchers examined more than two billion emails, including 218,000 phishing emails, sent in January 2020, to find out the geolocation and network infrastructure of the phishing emails.

Countries with a high volume of phishing emails:  

  • Lithuania
  • Latvia
  • Serbia
  • Ukraine
  • Russia
  • Bahamas
  • Puerto Rico
  • Colombia
  • Iran
  • Palestine
  • Kazakhstan

 Things to Remember

  • Countries that have a higher probability of phishing are located in parts of Eastern Europe, Central America, the Middle East, and Africa.
  • Phishing emails are more likely to have routes that traverse multiple countries.
  • Many of the networks that attackers use to send their attacks from are surprisingly large, legitimate cloud providers.

“The networks with the very highest number of phishing attacks are surprisingly owned by large cloud providers. This is expected, as they also have the highest total volume of emails sent. For such networks, the probability of any given email being a phishing email is very low. Most of the attacks originating from these networks are likely coming from compromised email accounts or servers, which the attackers were able to obtain the credentials for,” Barracuda said.

Prevention is better than detection

Organizations mostly train employees on detecting various phishing emails by looking for errors, malicious links, or attachments. Alternatively, organizations can also consider a permanent solution like deploying artificial intelligence or machine learning-based tools to analyze the company’s communication patterns and identify any anomalies that may lead to potentials threats.

Related Stories: