What MSPs Can Learn from Q1 Global Security Report Findings

Every quarter, AppRiver releases its Global Security Report, the latest spam and malware findings from the previous quarter. The company's Q1 2016 report, released in April, has confirmed that the levels of malicious email traffic during Q1 have already eclipsed all of 2015’s levels of 1.7 billion, with 2.3 billion malicious email messages (1.7 billion occurring in March alone).

Every quarter, AppRiver releases its Global Security Report, the latest spam and malware findings from the previous quarter. The company’s Q1 2016 report, released in April, has confirmed that the levels of malicious email traffic during Q1 have already eclipsed all of 2015’s levels of 1.7 billion, with 2.3 billion malicious email messages (1.7 billion occurring in March alone).

“The malicious Web and email traffic continues to multiply rapidly, and it’s not slowing down anytime soon,” says Troy Gill, manager of security research at AppRiver. “The increase in malicious traffic that we’ve seen over the first quarter, and even last quarter of 2015, can be traced to two factors: the widespread ability to purchase malware on the Dark Web and its effectiveness due to end users’ reluctance to use antivirus software and perform regular software updates.”

AppRiver confirms that receiving a malicious message is no longer a numbers game, as cybercriminals are also targeting sectors with crafted messages. Jon French, security analyst at AppRiver, says, “We have also seen ransomware attacks move from a simple ‘cast net’-style approach to attacks aimed at certain verticals, with the most prevalent this quarter being the healthcare industry.” French adds, “Malicious macros in Microsoft Word and Excel documents have been a very popular method for delivering the Trojans carrying the payload for ransomware attacks.”

For those who are not falling for the macros method, cybercriminals are utilizing hidden PowerShell commands in documents to infect machines, as well as obfuscated JavaScript as a vehicle to deliver attack code.

AppRiver has also seen an uptick in wire transfer attacks, typically targeting finance departments. Custom communications are spoofed by the attackers to appear as if they come from within an organization–most often impersonating a company’s CEO.

A final trend to note is the Distributed Spam Distraction (DSD) technique. Fred Touchette, manager of security research at AppRiver, explains, “DSDs flood an individual’s inbox with spam emails in an attempt to hide critical confirmation emails for purchases or wire transfers made in the victim’s name. With all of the spam in the victim’s inbox, the deed is done before the confirmation email is located, allowing the cybercriminal to make away with fraudulent purchases or wire transfers.”

These new trends in the threat landscape reaffirm the importance of MSPs being able to offer a variety of IT security solutions to protect their customers. With more companies looking to mitigate security risks and compliance issues, MSPs can step in and guide customers to the best solutions for their needs and budget. Protect your customers by offering easy-to-use, affordable services that can be bundled, such as:

Cloud-based IT security
Email filtering and Web protection
Email encryption
Office 365
Hosted Exchange

We have included more detail on these attacks and statistics within its Q1 Global Security Report. To read the full report and watch AppRiver’s security analysts’ round table discussion on its findings, visit https://www.appriver.com/about-us/security-reports/global-security-report-2016-quarter-1/. To learn about partnering opportunities with AppRiver, visit https://www.appriver.com/partners/.

Guest blogs such as this one are published monthly and are part of MSPmentor’s annual platinum sponsorship.