What is polymorphic phishing?

Featured image

Share this article

What Is Polymorphic Phishing? - Paubox

Polymorphic phishing is a type of email phishing attack that has been used since around 2016. Initially, it automatically generated thousands of different URLs leading to malware pages as a way to beat anti-phishing defenses. Now attackers send infected emails asking recipients to click on a link to download a PDF or app as a way to lead them to malware sites. 

Attackers can send the same email to a different recipient with a slight change in the subject line or sender address to bypass anti-malware or phishing tools.

According to a global survey conducted by security researchers, 42% of all phishing attempts in 2020 were due to polymorphism. 

Why polymorphic phishing works

Polymorphic phishing is an advanced form of phishing that tricks signature-based email software by making slight changes to email components, such as modifying the sender name, sender address, subject line, email body, or signature. 

This form of phishing is highly effective and easy for cybercriminals to deploy. It is difficult to catch as these phishing attacks trick signature-based email security tools, allowing various versions of the same attack to go undetected. 

As polymorphic phishing slightly changes the message, malicious emails can bypass controls that might have stopped previous versions of the phishing attack.

SEE RELATED: Phishing Attacks Wreak Havoc on Healthcare Providers

How attacks are carried out

Polymorphic phishing attacks start small and target a small number of employees. Once one employee falls for the phishing attack, the cybercriminals have access to an organization’s network. The hackers use this access to send a polymorphic attack to other users in the same network. 

The malicious email comes with a link or attachment that will redirect an employee to a spoofed login page. Employees who are not informed can fall for these phishing attacks by providing their company login credentials on the spoofed page. 

By the time a polymorphic phishing attack is underway, the compromised accounts cannot be blacklisted as they come from within the organization. As more accounts are compromised, it becomes more difficult to contain this type of attack.

How polymorphic phishing can be prevented

One reason polymorphic phishing is successful is due to a common display name spoofing technique that changes the sender name to appear that it comes from a trusted source, like a person of authority within a company or a colleague.

Healthcare organizations can combat these attacks with Paubox Email Suite Plus, which includes ExecProtect, our patented solution that fights display name spoofing emails by keeping them from reaching the inbox in the first place. 

Paubox Email Suite Plus also allows healthcare providers to send HIPAA compliant email by default directly to a patient’s inbox by seamlessly integrating with your current email provider, such as Google Workspace or Microsoft 365.

SEE RELATED: 7 Common HIPAA Violations You Need to Avoid

The importance of strong email security

The only way to ensure protection from a data breach and subsequent HIPAA violation is to have solid cybersecurity protection that includes email security

Paubox Email Suite Plus ensures that your messages and patient information are protected from breaches. 

We include a business associate agreement (BAA) with all of our plans. Our HITRUST CSF certified software offers customers and their patients assurance that their information is protected.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Chloe Bowen

Read more by Chloe Bowen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022