The Latest Trends In Email Threats

Threat actors are increasingly hiding malicious links in Google Drive and other cloud storage spaces. The use of PDF files as a malspam delivery tool has more than quadrupled since Q1 this year, and callback phishing and user-friendly Redline malware are also on the rise.

Now, leading cyber security company VIPRE Security has released its Q3 Email Threat Trends Report 2023.

Analysing nearly two billion emails, the report finds that cyber criminals are adapting their methods to reflect changing consumer habits, alongside exploiting evolving technology to evade detection.

Key highlights of the report include:

  • 233.9 million malicious emails detected in Q3 2023.
  • 110 million emails attributed to malicious content, 118 million to malicious attachments.
  • 150,000 emails displayed previously unknown behaviours.
  • Threat actors favour link-based delivery (58%) over attachments (42%). 
  • Combined heuristic approaches detected roughly ten times more spam instances than a similar signature-based detection approach.

Clearly, email threats remain a major source of trouble for cybersecurity teams. The 150,000 emails containing newly created exploits represent a significant shift in the landscape.

Cyber criminals are also changing their delivery methods to reflect changing consumer habits. As cloud storage services have grown in popularity, so has their use as a malspam delivery method, accounting for 67% of all malspam delivery methods in Q3 2023. Compromised legitimate websites made up the remaining 33%.

Leveraging combined heuristics, VIPRE identified over one million spam incidents across two distinct subsets: legacy heuristic rules caught 810,000, while new heuristic rules reeled in more than 72,000. To put this into perspective, traditional, signature-based approaches identified 150,000 overall.

These numbers represent a shift in the email security landscape as older defensive technologies struggle to keep pace with phishing-as-a-service offerings and an onslaught of novel malware models.  

“Cybercriminals are extremely capable, informed, and effective; we mustn’t underestimate them... However, by exposing cyber criminal attack methods and trends, through this report we aim to empower organisations to combat those who seek to do them harm,” said Usman Choudhary, Chief Product & Technology Officer at VIPRE.

The report also reveals how cyber criminals are increasingly utilising AI tools to make their emails more believable. Until recently, many, if not most, spoof emails were betrayed by poor grammar, spelling mistakes, or strange formatting. Today, generative AI tools such as ChatGPT have made this detection method largely obsolete; at the click of a button, cyber criminals can produce literate, well-formatted emails that few could distinguish from legitimate communications.

ChatGPT continues to improve phishers’ ability to dupe, and LinkedIn Slink is an unforeseen malicious work-around.

Image: Brett Jordan
