Email Threat Report 2023: Key Takeaways


Every day, countless people across all industries send and receive emails as a significant part of their jobs. Email is often the most convenient and simplest way to get keep in contact with key stakeholders such as co-workers, senior management, and clients, and many don’t give it a second thought. However, the state of email security is rife with risks. It is vital that people in all industries and at all levels are informed on email security threats if they are going to be using email on the job. Below are the most significant findings of VIPRE’s report analysing recent trends in the email threat landscape.

Email phishing attacks made up 24% of all spam types in 2022, a significant increase in proportion from 11% in 2021. The finance industry is the most targeted by far, accounting for 48% of phishing incidents. It is followed by the construction sector at 17%, overtaking 2021’s second-place industry, e-commerce. Both the finance and construction industries saw an increase in phishing since last year.

According to the Verizon 2022 Data Breach Investigations Report, phishing is one of the predominant action varieties used in data breaches. More than four out of every five data breaches in 2022 involved the human element, meaning that user ignorance or negligence was part of the process leading to the breach. This should come as no surprise, as phishing relies on the human element and social engineering in order to work.

Of the emails analysed in 2022, a staggering 90% were spam emails. Spam, in this case, includes phishing attempts, scams, and commercial emails. There was a spike in phishing emails with malicious file attachments that led to August, September, and October being peak spam months for the year. Spam emails with malicious attachments increased by 22% between 2021 and 2022, as opposed to spam emails containing malicious links. Meanwhile, the emails that did contain malicious links showed a 17% increase in links to new domains.

While the leading malware family in malicious attachments was Emotet in 2021, QBot took over the top spot in 2022. Microsoft remained the most spoofed of the URLs tracked for the report, but Spotify took the second-place spot, replacing Zoom. The most spoofed Top Level Domain (TLD) in 2022 was “.com” followed by “.net” and “.org”, and the number of new domains utilized for phishing attempts increased by almost 10%.

Phishing-as-a-profession doesn’t seem to be decreasing in popularity; in fact, quite the opposite is true. Phishing criminals depend on poor cyber hygiene and user negligence for their scams to come to fruition. However, only a small percentage of individuals actually fall victim to phishing scams that they receive, the sheer volume of phishing emails makes a decent amount of money for the cybercriminals who perpetrate these scams. The Future of Digital Communication Report from SendGrid shows 74% of respondents choosing email as their preferred method of communication, while 89% say they use email at least monthly. The total number of emails sent daily has increased by almost 5% in the last year alone.

Email phishing scams are almost always disguised as innocuous, and often official emails. Through this deception, criminals can employ a variety of tactics to trick users into falling victim to their well-planned scam. Insider threats are one of the most common problems experienced by businesses, with 34% affected each year. Malicious and negligent insiders alike have the access necessary to either intentionally or inadvertently damage their own organization from within.

Spam email is the dominant category of email risks, but there are many different kinds of spam emails, including holiday spam and job spam. Email spam can come from many different sources and causes, and it makes the most sense to break it down into subcategories to understand the real range of threats. Of the phishing emails examined that used malicious links, 52% were compromised legitimate websites, 39% were newly registered domains, and 9% were subdomain cybersquatting – using clever naming to appear affiliated with a legitimate domain.

  • Malicious attachments increased in proportion as compared to malicious links, highlighting the importance of security solutions that scan attachments as well as links.
  • Bad actors have taken to deceiving their targets using multi-factor authentication (MFA) as a tool. They see the rise in popularity of MFA and step in to intercept messages and trick users into sharing their credentials.
  • Phishing attacks are using spoofed QR codes increasingly.
  • Bank fraud comprised 28% of scam emails and financial institutions were the target of 48% of malspam emails.
  • Business email compromise (BEC) is responsible for 2.4 billion USD in losses according to an FBI Internet Crime Report.
  • Domain warming is on the rise – criminals pay companies to build up a reputation for a new domain to circumvent email spam filters.
  • Account takeover (ATO) doesn’t just put one account at risk, as having access to an account via credential theft means that they can infiltrate any areas that the target user is allowed into.

Based on the data gathered for the email threat report, there are some plausible projections for trends going forward. We are likely to see an uptick in attacks on remote workers, as criminals take advantage of a lack of immediate supervision and poor cyber hygiene. The economy of malicious as-a-Service providers is also predicted to grow, and cybercriminals are expected to increasingly target small businesses.

It is crucial for businesses to implement a security strategy that addresses cyberattacks at every level and point possible, utilising security solutions and best practices to provide many layers of defence. Some of the most recommended steps are employing behaviour-driven analytics, securing data, using email-specific security measures, and investing in sufficient cybersecurity awareness training for all users. Protecting your business against attacks and breaches now is far better than waiting for an attack to occur and incurring the costs.



Source link