Emails containing malicious URLs made up 88 percent of all messages with malware-infested links and attachments, underscoring the dominance of URL-based email threats.
The findings — disclosed in cybersecurity firm Proofpoint’s quarterly threat report for the month ending September — reveal the evolving sophistication of social engineering attacks targeting users and organizations.
“Email-based threats are among the oldest, most pervasive, and widespread cybersecurity threats hitting organizations worldwide,” Chris Dawson, Threat Intelligence Lead at Proofpoint, told TNW.
“From massive malware campaigns targeting millions of recipients with banking Trojans to carefully crafted email fraud, the email threat landscape is extremely diverse, creating a wide range of opportunities for threat actors to attack organizations,” Dawson added.
Some other key trends to note are the prevalence of sextortion campaigns, and the notable absence of Emotet botnet spam and ransomware attacks propagated via malicious emails.
“Ransomware is still a threat,” Dawson stated. “However, with rapidly dropping cryptocurrency valuations, threat actors are having a harder time monetizing their ransomware campaigns. Instead they are turning to ‘quieter’ infections with banking Trojans and downloaders that can potentially sit on infected machines for extended periods, collecting data, mining cryptocurrency, sending spam, and more.”
Proofpoint
Indeed, overall message volumes of banking Trojans (Trickbot, IcedID, Ursnif) and remote administration tools (FlawedAmmy, FlawedGrace) increased by 18 percent and 55 percent when compared ..
Support the originator by clicking the read the rest link below.
