Gmail accounts are used in 91% of baiting attacks

Baiting attacks are on the rise, and the attackers who send this type of phishing email appear to prefer Gmail accounts for carrying them out.

According to a report by Barracuda, which surveyed 10,500 organizations, 35% of them received at least one bait attack email in September 2021 alone.

What is a baiting attack?

A "bait attack" is a subcategory of phishing in which threat actors try to gather basic information about a specific target and use it for more targeted and effective attacks in the future.

It is a preparatory reconnaissance step that is rarely accompanied by payloads or embedded links in the body of the email.

While some of these emails contain a key question or something else that is likely to be answered, many do not contain any text at all.

While it may seem strange to send an almost blank email, threat actors use it for the following purposes:

  • Verify that the recipient's email address is valid
  • Verify that the email address is being actively used
  • Confirm the target's susceptibility to spam
  • Test the effectiveness of automated spam detection solutions

Since these emails do not contain links to phishing sites and do not carry attachments, they usually pass through phishing defense systems, which do not consider them malicious.

Why Gmail?

Barracuda statistics show that 91% of all these bait emails are sent from new Gmail accounts, while all other email platforms account for only 9%.

This preference is due to the fact that Gmail is a very popular service that people associate with legitimacy and reliability.

The same goes for email security solutions, which treat Google email as a highly trusted service.

In addition, Gmail is a platform that makes it quick and easy to create pseudonymous accounts.

Finally, Gmail supports a "read receipt" feature, which tells attackers that the recipient opened the message even if they never responded.

This fulfills the purpose of the baiting attack, which is to confirm that the mailbox is valid and actively used.
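The traits described above (a first-time Gmail sender, an almost blank body, no links or attachments, and optionally a read-receipt request) can be checked together on inbound mail. The following is an added example, not code from Barracuda or from the article: the signal names, the 40-character body threshold, the `known_senders` set and the sample messages are all assumptions made for illustration, and the read-receipt check assumes the request arrives as the standard `Disposition-Notification-To` header.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

FREEMAIL = {"gmail.com"}      # source of 91% of bait emails per the article
MAX_BODY_CHARS = 40           # assumed cut-off for an "almost blank" body
URL_RE = re.compile(r"https?://|www\.", re.I)
CORE = {"freemail_sender", "first_time_sender",
        "near_empty_body", "no_links_or_attachments"}

def bait_signals(raw, known_senders=frozenset()):
    """List the bait-attack traits present in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    visible = re.sub(r"<[^>]+>", " ", body).strip()   # drop HTML tags
    has_attachment = next(msg.iter_attachments(), None) is not None
    signals = []
    if sender.rpartition("@")[2] in FREEMAIL:
        signals.append("freemail_sender")
    if sender not in known_senders:       # no prior correspondence
        signals.append("first_time_sender")
    if len(visible) <= MAX_BODY_CHARS:
        signals.append("near_empty_body")
    if not has_attachment and not URL_RE.search(body):
        signals.append("no_links_or_attachments")
    if msg.get("Disposition-Notification-To"):    # RFC 8098 receipt request
        signals.append("read_receipt_requested")
    return signals

def is_probable_bait(raw, known_senders=frozenset()):
    """True when every core trait is present; route to review, do not drop."""
    return CORE <= set(bait_signals(raw, known_senders))

# Constructed sample messages (not real traffic).
BAIT = ("From: bait-sample@gmail.com\nTo: user@example.com\n"
        "Subject: Hi\nDisposition-Notification-To: bait-sample@gmail.com\n"
        "\nAre you available?\n")
NORMAL = ("From: colleague-sample@gmail.com\nTo: user@example.com\n"
          "Subject: Slides\n\nHere are the slides from Tuesday's meeting, "
          "see https://example.com/slides for the full deck.\n")

if __name__ == "__main__":
    for name, raw in (("BAIT", BAIT), ("NORMAL", NORMAL)):
        print(name, is_probable_bait(raw), bait_signals(raw))
```

Because legitimate first contacts can also be short, a match is better used to hold the message for review or to suppress read receipts than to block it outright.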

Barracuda decided to experiment by responding to these baiting emails, which on their own are not supposed to start the phishing process.

Within 48 hours, the security company's employee received a targeted phishing attack built on a fake Norton LifeLock purchase claim.

This rapid response demonstrates the readiness of the threat actors and the close connection between these seemingly harmless emails and fully developed phishing attacks.

Source of information:

Teo Ehc