The latest Threat Intelligence Report is out. Its findings are based on an analysis of 195 billion emails analyzed from January through June 2020. Of that large number, an astonishing 47% were flagged as malicious or spam.
It won’t come as a shock to learn that there were two main themes in the threatening emails this spring. According to HelpNetSecurity, “Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries.” From the report, “One of the most significant observations of this research is that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes never seen before.”
It’s interesting to note the attackers’ emphasis on verticals, but it does make sense. So much of what threat actors do is to craft targeted emails with industry-specific terminology. After all, they are impersonating an insider. After they do all that research and craft the emails, it only makes sense for them to want to use that information and those emails more than once. And information from the report confirms this.
“Alongside this malicious software, threat actors have increased their sender impersonation efforts, seeking to take advantage of the circumstances of the ongoing pandemic with business email compromise containing multiple forms of social engineering. In fact, researchers found impersonation detections had increased by 30% from January to April 2020. The ongoing pandemic has increased the attractiveness of BEC attacks, so that criminals can take advantage of the circumstances prevailing during the periods of stay-at-home orders across many U.S. states.”
Here are the main findings from the report:
- Significant attacks came from organized criminal groups for primarily monetary gain, instead of focusing on intellectual property theft.
- Verticals with “essential” status during the pandemic were repeatedly targeted.
- Ransomware is on the rise, placing businesses at greater risk of ransomware attack.
- Attackers choose file compression as their main attack delivery format despite Emotet’s halt in activity.
- The majority of attacks were hybridized.
- Impersonation attacks continue to accelerate as threat actors sought to sow confusion during stay-at-home orders.
Phishing Protection is cloud-based. That means there’s no hardware to buy, no software to buy, no maintenance and it sets up in about 10 minutes. Easy. And it cost just pennies per user per month. Inexpensive.
As the report clearly demonstrates, the attacks are not going to stop. The question becomes, what are you going to do about it? You could do nothing and wait for disaster to strike. Or, you could do just a little bit more than nothing and protect your entire organizations. What are you waiting for?