Story image

Number of malicious emails soars 85% from previous quarter

27 Oct 17

Proofpoint has released the findings from its massive Quarterly Threat Report – some of which are astonishing.

The research highlights the threats, trends, and key takeaways we see within its large customer base and in the wider threat landscape.

Every day the company analyses more than a billion email messages, hundreds of millions of social media posts, and more than 150 million malware samples and their research is built from this.

The company says the report is designed to provide actionable intelligence businesses can use to better combat today’s attacks, anticipate emerging threats and manage security posutures.

The end result? Three primary vectors continue to contain the bulk of sophisticated attacks; email, social media, and mobile.

The volume of email attacks utilising malicious URLs has exploded, making up the highest proportion of email attacks (against those that use attachments) in more than two years.

The sheer number of malicious emails soared 85 percent from the prior quarter, with the volume of emails with malicious URLs shooting up nearly 600 percent from the previous quarter and more than 2,200 percent from 12 months earlier.

Despite the upsurge of URL usage being the major driver of malicious email growth, Proofpoint asserts there was still a large number of campaigns operating with malware hidden in compressed-file archive attachments.

In terms of malware categories, ransomware remained king and accounted for almost 64 percent of all email malware attempts.

New ransomware strains appeared daily, but Locky remained the top payload and accounted for almost 55 percent of total message volume and more than 86 percent of all ransomware volume.

Banking Trojans represented 24 percent of all malicious email volume, with a strain called The Trick accounting for 70 percent of that total.

Email fraud rose 29 percent from the previous quarter, while the number of email fraud attempts per targeted organisation rose 12 percent.

While email fraud does not discriminate by size, organisations with more complex supply chains are more frequent targets.

In terms of social media, fraudulent support accounts that are used for so-called Angler Phishing, doubled from the year-ago quarter. The number of fake customer-support accounts grew 5 percent over the previous quarter while the volume of phishing links on branded social channels rose 10 percent.

"Threat actors never stop innovating, whether through new network attack vectors, more sophisticated social engineering, or evolving email campaigns with hosted malware and obfuscated code,” says Proofpoint’s vice president of Threat Operations, Kevin Epstein.

"The ongoing dominance of ransomware in the threat landscape means that it remains lucrative for actors who repeatedly demonstrate their willingness to ‘follow the money’. However, we also continue to see a combination of adaptability -- switching payloads and malware families as necessary to maximise returns -- and specialisation, as actors focus on particular regions and malware types that best suit their needs and expertise."

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Exclusive: Okta’s new GM shares its APAC strategy
“We believe that partnering with systems integrators, independent software vendors and consulting companies is a key factor of success for Okta.”
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”