Email Security

    Barrel Phishing: What Is It and Why Is It So Dangerous?
     

    Barrel phishing is particularly dangerous because of its emphasis on winning trust through deception.

    by Giulian Garruba
    53BLOG_1.jpg

    Key Points

    • Barrel phishing is distinct from common phishing scams as it targets victims with two or more emails.
    • The first email is generally not malicious but is intended to act as bait, enticing the recipient into believing the message is coming from a trusted source.
    • The second email and subsequent follow-up emails are more aggressive and encourage people to enter or share information.

    Any modern business that stores information digitally or uses email for communication is at risk of being targeted by cyberattackers and having their data compromised. One of the principal ways this happens is through a technique known as phishing. However, under this umbrella term, there are more specific phishing scams, one of the most prominent being barrel phishing or double barrel phishing.

    As people have become more aware and cautious around generic phishing scams, cyberattackers have developed more sophisticated methods, often going to more extreme lengths to entice recipients into allowing access to data. Methods can involve building rapport, creating realistic but fake sites, or even duplicating existing websites. These so-called barrel phishing schemes can be dangerous and have severe repercussions for businesses that are not taking steps to minimize their risk. If your organization can spot the danger signs and take specific preventative measures, it is possible to mitigate the threat of barrel phishing and other potential attacks.

    What Is Barrel Phishing and How Does It Work? 

    Although there is no exact barrel phishing definition, it is distinct from common phishing scams as it targets victims with two or more emails (hence the double barrel phishing meaning). So, what is a barrel phishing attack, and how does it operate?

    The first email is generally not malicious but is intended to act as bait, enticing the recipient into believing the message is coming from a trusted source. The cyberattacker will then send a follow-up message that contains malicious content. The idea is that the first prong of the attack establishes authenticity, and the second lures them into handing over company data, personal details, or financial information.

    The first innocuous email often contains a link to a fake website designed to look and feel like a legitimate and trusted source. Follow-up emails are more aggressive and encourage people to enter or share information.

    There are several main types of barrel phishing attacks, which include:

    • Email Spoofing - Cyberattackers send out an email that appears to have come from a legitimate source. The email usually contains a link that directs the recipient to a fake website.
    • Typosquatting - The attacker creates a fake website that looks similar to a legitimate one. The aim is to get the recipient to enter personal information into this version of the website rather than the real one.
    • Pharming - Attackers redirect traffic from legitimate websites to their fake versions to harvest personal information.

    The Dangers of Barrel Phishing and Why You Should Be Careful 

    Barrel phishing is particularly dangerous because of its emphasis on winning trust through deception. Cyberattackers are going to extreme lengths to establish rapport, often posing as a trusted source or contact and engaging in dialogue that appears to be completely ordinary. Attempts can often involve impersonating friends, colleagues, or trusted business contacts you would otherwise have no reason to mistrust. This sense of shared experience or intimacy is what makes barrel phishing so dangerous.

    Attackers are also now more willing to play the long game. Rather than relying on a lapse in concentration or simple error to click a malicious link, they are now putting the time in to establish trust and lower your defenses. As businesses and employees have become more adept at spotting more traditional phishing scams, cyberattackers have stepped up their game and made these stings far more sophisticated and much more difficult to spot.

    Though the methods might differ, the result of a barrel phishing scam is often the same. You may unwittingly install malware onto your computer by clicking a link or accidentally share sensitive information through a duplicated or compromised site.

    How to Identify a Barrel Phishing Attack 

    There are various ways to spot a barrel phishing scam, but in general spotting these attacks require a heightened sense of vigilance and enhanced security practice. The tell-tale signs of a barrel phishing attack are usually in the second email but remaining vigilant to the following at all times can also help:

    • Emails that contain typos or grammatical errors, as these are often signs that the email is not legitimate
    • Emails with links you were not expecting
    • Emails with links that direct you to websites that look different from what you were expecting
    • Error messages generated after personal information is entered

     

    Examples of Recent Barrel Phishing Attacks  

    A common barrel phishing example takes take the form of two emails. The first is innocuous and generally comes from what appears to be a trusted source, such as a colleague or business contact. The email may be something simple, like:

    ‘Hi. Are you at your desk? Could you do me a quick favor?’

    The cyberattacker waits for a reply, establishing rapport, and then follows it up with a direct request that generally has more malicious intent. For example:

    ‘Great, thanks. I just need you to have a quick look at this report ASAP.’

    The link or attachment will then contain malware or other malicious content, or the message may redirect you to a fake website where scammers harvest information.

    Tips to Protect Yourself from Barrel Phishing  

    There are various ways you can protect yourself from a barrel phishing attack. Here are a few pointers:

    • Check Email Addresses - Always check the email address thoroughly, even if it appears to come from a trusted sender at first glance. Hover over the address to display the actual sender. Check the format of any business email and if the sender is an unknown colleague, check the company register to confirm before replying.
    • Check Links - Before you click any link, hover over it to see where you are being directed. If the two do not correspond this could be a red flag.
    • Trust Your Instincts - If something does not feel right, don’t do it. Don’t interact with any contact until you can verify it is legitimate or uses other communication channels to verify any unusual requests.
    • Require Awareness Training - Businesses must create awareness of these new types of phishing scams. Carry out ongoing security awareness training outlining the most recent developments in cybersecurity and conduct phishing simulations to see how staff respond.
    • Keep Software Up to Date - Keep antivirus and anti-malware software up to date. This will protect your computer from anything malicious that may be used in an attack.

    The Bottom Line: Barrel Phishing  

    As employees and businesses have become wise to phishing scams, cyberattackers are trying increasingly sophisticated methods to get access to sensitive information. This often involves them playing on our instincts to trust familiar people or email addresses, or takes advantage of our desire to help out a colleague. Either way, these attacks can have disastrous consequences.

    By employing a few simple security measures, like updating antivirus software, modernizing email security measures, and training staff, it is possible to mitigate these risks and protect your business.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top