Researchers develop machine learning-based detector that stops lateral phishing attacks - Help Net Security

Lateral phishing attacks – scams targeting users from compromised email accounts within an organization – are becoming an increasing concern in the U.S. Whereas in the past attackers would send phishing scams from email accounts external to an organization, recently there's been an explosion of email-borne scams in which an attackers compromise email accounts within organizations, and then uses those accounts to launch internal phishing emails to fellow employees – the kind of attacks known as lateral phishing. And when a phishing email comes from an internal account, the vast majority of email security systems can't stop it. Existing security systems largely detect cyber attacks that come from the outside, relying on signals like IP and domain reputation, which are ineffective when the email comes from an internal source. Lateral phishing attacks are also costly. FBI data shows that these cyberattacks caused more than $12 billion in losses between 2013-2018.