Dubai: Two-thirds of more than half-a-billion emails sent during the first half of 2018 were malicious, making email-based threats a popular means of cyberattack, a new report revealed on Sunday.
Based on Email Threat Report, released by FireEye Inc, an intelligence-led security company, only one-third of more than half-a-billion emails sent during the same period were considered ‘clean’. In fact, one in every 101 emails had malicious intent.
Some 91 per cent of cybercrime starts with an email. Interestingly, it only takes one malicious email to infiltrate an organisation.
“Not only is email the most pervasive form of communication, it is also the most popular vector for cyberattacks. This makes email the biggest vulnerability for every organisation,” said Ken Bagnall, vice-president of email security at FireEye.
“From malware to malware-less attacks including impersonation attacks like CEO fraud, a single malicious email can cause significant brand damage and financial losses. By choosing an email security solution with features based on real-time knowledge gained from the front lines, and by teaching users to always ensure they are communicating with who they think they are, organisations can better defend against attacks.”
Email security solutions are currently more focused on detecting malware. However, cyber criminals are learning to adapt and are exposing organisations to malware-less assaults such as CEO fraud.
Fake boss
CEO Fraud is an email attack wherein the attacker pretends to be the boss and tricks an employee at the organisation into wiring funds or important documents to the attacker. This impersonation attack often happens on a Friday.
In the report, 90 per cent of attacks blocked during analysis for the report were malware-less. Phishing attacks, which is the fraudulent attempt to get one’s sensitive information through electronic communication, alone made up 81 per cent of the blocked malware-less emails. This number almost doubled from January to June 2018.
Based on the data gathered, phishing attacks will continue to rise, while impersonation attacks — at 19 per cent — remain relatively proportional to the total number of attacks seen.
Mobile users are more prone to attacks when checking emails, the report said, since most mobile emails only display clients’ names and not email addresses. Attackers can easily trick users into thinking they’re corresponding with someone they know.
Since it only takes one malicious email to negatively impact an entire organisation, protecting this data must be taken seriously. Users must also be cautious and not fall for these phishing attacks.
Trends of attacks
■ Relative to malware-based attacks, Mondays and Wednesdays were most common
■ Malware-less attacks were most likely to occur on a Thursday including domain name spoofing and attacks using a spoofed friendly username, with the exception of newly existing domains which peaked on Wednesdays instead
■ Impersonation attacks were most likely to fall on a Friday
■ When it comes to the weekend, malware-less attacks continued to be more prevalent than malware-based attacks, with domain name spoofing attacks and newly existing domains being the most likely among them
