The Latest Trends In Email Threats

Threat actors are increasingly hiding malicious links in Google Drive and other cloud storage spaces. The use of PDF files as a malspam delivery tool has more than quadrupled since Q1 this year, and callback phishing and user-friendly Redline malware are also on the rise.

Now, leading cyber security company VIPRE Security has released its Q3 Email Threat Trends Report 2023.

Analysing nearly two billion emails, the report finds that cyber criminals are adapting their methods to reflect changing consumer habits, alongside exploiting evolving technology to evade detection.

Key highlights of the report include:

  • 233.9 million malicious emails detected in Q3 2023.
  • 110 million emails attributed to malicious content, 118 million to malicious attachments.
  • 150,000 emails displayed previously unknown behaviours.
  • Threat actors favour link-based delivery (58%) over attachments (42%). 
  • Combined heuristic approaches detected roughly ten times more spam instances than a similar signature-based detection approach.

Clearly, email threats remain a thorn in the side of cybersecurity teams. The 150,000 emails containing newly created exploits represent a significant shift in the landscape.

Cyber criminals are also changing their delivery methods to reflect changing consumer habits. As cloud storage services have grown in popularity, so has their use as a malspam delivery method, accounting for 67% of all malspam delivery methods in Q3 2023. Legitimate, compromised websites made up the remaining 33%.

Leveraging combined heuristics, VIPRE identified over one million spam incidents across two distinct subsets: legacy heuristic rules caught 810,000, while new heuristic rules reeled in more than 72,000. To put this into perspective, traditional, signature-based approaches identified 150,000 overall.

These numbers represent a shift in the email security landscape as older defensive technologies struggle to keep pace with phishing-as-a-service offerings and an onslaught of novel malware models.  

“Cybercriminals are extremely capable, informed, and effective; we mustn’t underestimate them... However, by exposing cyber criminal attack methods and trends, through this report we aim to empower organisations to combat those who seek to do them harm,” said Usman Choudhary, Chief Product & Technology Officer at VIPRE.

The report also reveals how cyber criminals are increasingly utilising AI tools to make their emails more believable. Until recently, many, if not most, spoof emails were betrayed by poor grammar, spelling mistakes, or strange formatting. Today, Generative AI tools such as ChatGPT have made this detection method largely obsolete; at the click of a button, cyber criminals can produce literate, well-formatted emails that few could distinguish from legitimate communications.

ChatGPT continues to improve phishers’ ability to dupe, and LinkedIn Slink is an unforeseen malicious work-around.

Image: Brett Jordan
