Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing emails prefer to use Gmail accounts to conduct their attacks.
According to a report by Barracuda, who surveyed 10,500 organizations, 35% of them received at least one bait attack email in September 2021 alone.
What is a baiting attack?
A “bait attack” is a sub-class of phishing where threat actors attempt to gather basic information about a specific target and use it for more targeted and effective attacks in the future.
It is a preparatory reconnaissance step that seldom comes with payloads or embedded links on the email body.
Although some of these emails contain a basic question or something that has higher chances of receiving a response, many don’t include any text at all.