High Stakes: Business Email Compromise

VIPRE's Q2 2024 Email Threat Trends Report which highlights the ingenuity of cyber criminals in using AI to evade detection and maliciously scam individuals and enterprises. VIPRE processed 1.8 billion emails globally, detecting 226.45 million spam emails and 16.91 million malicious URLs to identify the email threat trends that impact enterprises the most.

BEC remains a major scourge. Nearly half (49%) of all detected spam emails are attributed to BEC scams, with the CEO, followed by HR and IT, being the most common targets.

A more sinister development is that VIPRE found that 40% of the BEC emails were AI-generated. In some cases,  AI created the entire message.

The key findings include: 

  • Double the Malicious Attachments: Q2 2024 saw twice as many evasive malicious attachments compared to the previous year, underlining the sophistication of modern email exploits. Organisattions without measures to detect these advanced threats could find themselves in hot water, facing double the risk compared to Q2 last year.
  • 74% Increase in Malicious Links: The research identified 16.91 million malicious URLs, a 74% rise from the previous year. This surge highlights the growing use of advanced evasion techniques by attackers. 
  • Emerging trends in Phishing and Malspam: Phishing remains a dominant threat with attackers favouring URL redirection and cloud-hosting services. Cloudflare Turnstile was the most commonly used technique (51%) in phishing emails. 

Cloudflare Turnstile is a free service designed to protect websites from malicious traffic and functions as an advanced CAPTCHA alternative. 

A significant shift in malspam tactics was observed. 86% of malspam emails used malicious links and only 14% contained attachments, a reverse of the Q1 2024 trend, where 78% of malspam emails contained malicious attachments, while only 22% used malicious links. 

This swing may be due to the increasing difficulty in detecting malicious links leading to seemingly legitimate websites that contain infected links. 

Sector-Specific Targeting: Threat actors increasingly targeted the manufacturing sector with 25% of email attacks, followed by retail (which was absent from 2023’s targets) at 20% and real estate at 11%. 
Attackers appear to be focusing on industries perceived as lacking advanced cybersecurity measures. In 2023, finance led the way with 25% of email attacks, and manufacturing surged to 43% in Q1 2024, a top position the sector continues to hold.

Regional Spam Sources: The US continues to be the top contender when it comes to sending and receiving spam (receiving nearly half of all phishing emails), most likely thanks to its vast data centre infrastructure. Consistent with last quarter, the UK was the second-largest source of spam, followed by Canada, Sweden, and Iceland; three countries that failed to make the list either last quarter or this time last year. 

“As AI technology advances, the potential for BEC attacks grows exponentially. Malefactors are now leveraging sophisticated AI algorithms to craft compelling phishing emails, mimicking the tone and style of legitimate communications,” commented Usman Choudhary, Chief Product & Technology Officer at VIPRE.

“The next wave of BEC attacks could see attackers using AI to dynamically analyse and exploit real-time information, creating tailored and contextually accurate scams nearly indistinguishable from genuine correspondence...

“Enterprises must stay ahead by adopting robust AI-driven defences and continuously educating their workforce on emerging threats.” Choudhury concludes.

Image: Gustavo Fring

You Might Also Read: 

Defending Against Business Email Compromise:

DIRECTORY OF SUPPLIERS - Email Security:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Bolster Security Using Dark Web Intelligence
Global AI Safety: Scientists Can Move The Needle »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

CERT.BY

CERT.BY

The National Computer Emergency Response Team of the Republic of Belarus.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

Ekran System

Ekran System

Ekran System is an advanced insider threat detection solution for companies of any size.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

FifthDomain

FifthDomain

We are a specialist cyber security education and training company tackling the global cyber security skills shortage.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

Bores Security Consultancy

Bores Security Consultancy

Bores Security Consultancy are an established family-run business delivering expertise in security and technology.

Cyberani Solutions

Cyberani Solutions

Cyberani Solutions was created to fulfill the cybersecurity needs of industry and government in Saudi Arabia, and across the Middle East and North Africa regions.

Arsen Cybersecurity

Arsen Cybersecurity

Arsen is a French cybersecurity startup, dedicated to enhancing human behaviors in cybersecurity.

Siguria Kibernetike (Cyber Security)

Siguria Kibernetike (Cyber Security)

Siguria Kibernetike is a company based in Tirana that offers full service in the field of cyber and physical security.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.