Marketers and PR people send a LOT of emails. While there may be some nuance depending on the industry you work in, it’s likely an enterprise-level company’s marketing team is sending emails to thousands of recipients every week. And lately, marketers have been attempting to ride the wave of a surge in email marketing engagement during our new work-from-home normal.

Like a Georgia mosquito to blood, the cybercriminals swoop in. 

As a marketer, you may not realize that the vast majority (67%) of data breaches are caused by email phishing attacks, according to the most recent Verizon Data Breach and Incident Response report. Many such attacks spoof popular brands that you and I are most accustomed to receiving emails from, like Amazon, Google and Walmart.

Unfortunately, COVID-19 has made the phishing epidemic worse. With remote work exacerbating security gaps, attackers have upped the frequency of their phishing to exploit distracted parents and weaker security controls commonly found outside of the office. 

In fact, Google’s Threat Analysis Group reported in mid-April that they blocked 18 million COVID-19 themed malware and phishing emails per day. With marketers eager to enjoy the benefits of a rise in digital shoppers and email open rates, it’s possible that a future email campaign could become the target of the next great email phishing event. 

Beware of Phishing Attacks Targeting Marketers

Because of the large volume of emails sent and received, marketers and PR pros are especially vulnerable to phishing attacks impersonating brands and people. 

Below, we consider three examples shining a light on why the phishing threat is so great for marketers. 

  1. In one recent attack uncovered by global email security (and ARPR client) IRONSCALES, attackers targeted email delivery service providers, Mailgun and SendGrid. The attacks attempt to trick recipients into believing that “the following services failed to auto-renew and are about to expire.” Such spoofing messages, which appear to come from “renewal teams,” provide a link to a fake phishing website where recipients are prompted to “update” their credit card on file so as to avoid any disruption in service.
  1. As ZDNet points out, Microsoft Office 365 is core to many businesses from Exchange to Teams to SharePoint, and attackers have taken notice. As one of the most widely used email platforms for agencies, Microsoft is a common target for email phishing scams, sending users to fake login pages that then lead to credential theft (username and password). Marketers should be wary of any suspicious link they receive and either send it to their IT team or try using a free URL scanner to verify its legitimacy. Again, it’s unlikely that marketers are the end-goal for these attackers, but rather an entry point to harvest information that could be exploited for financial gain.
  1. You’ve probably seen this one before – you get an email that looks to be from your manager or boss asking to pick up a gift card or another similar task. These are called business email compromise (BEC) attacks that rely on social engineering to get the recipient to fall for a tactic. Rather than include a malicious payload (link, attachment), these attacks prey on tricking an individual into replying to an email and providing the attacker with compromising information. These attacks are effective and alarming, which is why IT Pro Portal calls humans the “most dangerous component” of cyberattacks.

Marketing leaders must be aware of these common phishing schemes and report suspicious activity to IT or security personnel without hesitation. 

At ARPR, we invest more time, money and resources in cybersecurity than most agencies. From password managers and email security to cloud app security and phishing awareness training, we want our clients to have complete trust in our ability to keep their data safe and secure.

As we all navigate COVID-19 together, ARPR surveyed 100 tech companies in a new data report. Click here to learn more about marketing in a post-COVID world.

Blair Ruth leads the ARPR cloud practice. She loves nothing more than building strategic communications plans to help clients tell their unique story to audiences who matter.

Contact Us

Let Us PRopel What's Possible for Your Brand

Continue Reading

We surveyed tech buyers and sellers on the marketing and public relations landscape post-COVID. Here’s where they disagree.

B2B Tech Sales in a Post-Pandemic World: New Data Shows Where Sellers and Buyers Disagree

How the pandemic has permanently changed our economy and lifestyles has been the subject of many a media report, blog and dinner conversation. Heck, we’ve…

Read More
ARPR’s survey found that vendor emails are the #1 preferred method for learning about software products among CIOs and CTOs.

New Report: Today’s Tech Buyers are Making Faster & Bigger Purchasing Decisions

Last month, ARPR surveyed 99 IT and innovation executives from across the U.S. in order to understand how COVID-19 changed tech buyers’ needs and expectations….

Read More
The pandemic validated the cloud’s value proposition, giving way to a myriad of opportunities for SaaS marketers

Long Range Forecast Calls for Clouds: the Staying Power of Digital Transformation

Digital transformation has been a hot buzzword for just about as long as I’ve been working in tech. But, no one could have predicted that…

Read More
九九视频在线观看视频6,九九热线精品视频6