Skip to main content

Hackers are tweaking their approach to phishing attacks in 2021

(Image credit: Image source: Shutterstock/kpatyhka)

Cybercriminals are a creative bunch, constantly coming up with new ways to avoid detection and advance their sinister goals. A new report from cybersecurity experts at BitDam describes a few fresh techniques used in the wild so far in 2021.

According to the report, email protection solutions tend to trust newly created email domains that are yet to be flagged as dangerous. Criminals are now increasingly exploiting this fact to increase the chances that phishing and malware emails make it into victims' inboxes.

The report further claims that security solutions don't always classify error messages as suspicious, leading criminals to create fake error messages in their email attachments, paired with “Retry” buttons.

Clicking on these buttons sends the victim to a website, away from the safety of the email protection solution, where they are prompted to provide their login credentials.

BitDam says that a combination of these tactics makes detection extremely difficult for traditional email security solutions.

Friday is said to be the most popular day for sending out phishing emails, with 37.2 percent arriving on the final day of the working week, as compared with an average of 18.9 percent on other working days.