The Latest Trends In Email Threats

Threat actors are increasingly hiding malicious links in Google Drive and other cloud storage spaces. PDF files used as a malspam delivery tool have more than quadrupled since Q1 this year, and callback phishing and user-friendly Redline malware are also on the rise.

Now, leading cyber security company VIPRE Security has released its Q3 Email Threat Trends Report 2023.

Analysing nearly two billion emails, the report finds that cyber criminals are adapting their methods to reflect changing consumer habits, alongside exploiting evolving technology to evade detection.

Key highlights of the report include:

  • 233.9 million malicious emails detected in Q3 2023.
  • 110 million emails attributed to malicious content, 118 million to malicious attachments.
  • 150,000 emails displayed previously unknown behaviours.
  • Threat actors favour link-based delivery (58%) over attachments (42%). 
  • Combined heuristic approaches detected roughly ten times more spam instances than a similar signature-based detection approach.

Clearly, email threats remain a major source of trouble for cybersecurity teams. The 150,000 emails containing newly created exploits represent a significant shift in the landscape.

Cyber criminals are also changing their delivery methods to reflect changing consumer habits. As cloud storage services have grown in popularity, so has their use as a malspam delivery method, accounting for 67% of all malspam delivery methods in Q3 2023. Legitimate, compromised websites made up the remaining 33%.

Leveraging combined heuristics, VIPRE identified over one million spam incidents across two distinct subsets: legacy heuristic rules caught 810,000, while new heuristic rules reeled in more than 72,000. To put this into perspective, traditional, signature-based approaches identified 150,000 overall.

These numbers represent a shift in the email security landscape as older defensive technologies struggle to keep pace with phishing-as-a-service offerings and an onslaught of novel malware models.  

“Cybercriminals are extremely capable, informed, and effective; we mustn’t underestimate them... However, by exposing cyber criminal attack methods and trends, through this report we aim to empower organisations to combat those who seek to do them harm,” said Usman Choudhary, Chief Product & Technology Officer at VIPRE.

The report also reveals how cyber criminals are increasingly utilising AI tools to make their emails more believable. Until recently, many, if not most, spoof emails were betrayed by poor grammar, spelling mistakes, or strange formatting. Today, Generative AI tools such as ChatGPT have made this detection method largely obsolete; at the click of a button, cyber criminals can produce literate, well-formatted emails that few could distinguish from legitimate communications.

ChatGPT continues to improve phishers’ ability to dupe, and LinkedIn Slink is an unforeseen malicious work-around.

Image: Brett Jordan
