Surprising Number of Emails Now Pose Potential Threat
A new report by Hornetsecurity shows a surprising percentage of all incoming emails now pose a potential threat.
As the primary means of communication for business, email is one of the main gateways for cybercrime and remains a prime attack vector. Threat researchers at Hornetsecurity found 40% of all inbound emails out of the total email traffic during the research period posed a potential threat. This includes spam, phishing emails, and advanced threats such as CEO fraud and any type of malware.
Phishing, malicious links and ransomware are among the most popular attack tactics used by hackers. Furthermore, brand impersonation is especially popular. Cybercriminals copy a company‘s corporate design and mimic the sender address in such a way that it can hardly be distinguished from the original, genuine email address. The main aim is to obtain the user’s access data or to spread malware via hidden links.
At 16.5%, Deutsche Post and DHL are among the top five most frequently imitated brands.
Ransom leaks are now widely known. These attacks are an extension of ransomware campaigns. In ransom leak attacks, sensitive data is first copied and then encrypted. If the targeted victim refuses to pay ransom for decryption, the cybercriminals threaten to publish the copied data on their so-called leak websites.
About 140 files have been published on REvil’s ransomware leak website so far, with new ones being added almost daily, according to Hornetsecurity. Despite this large volume, REvil is only in fifth place among the leak websites with the most published data from ransomware victims.
Daniel Hofmann is Hornetsecurity’s CEO.
“The role of MSSPs and cybersecurity professionals includes that of educator as well as solution provider, helping customers preempt and protect against security breaches and risks,” he said. “All too often, such advice falls on deaf ears, with the experts only being called in to fix things after an attack. Having an up-to-date, accessible cyber threat report to share with their customers could help mitigate this, serving as a valuable conversation starter with current or prospective clients.”
The report shows companies are increasingly recognizing the potential scale of the consequences a cyberattack could have, and of the growing risk of falling victim to one, Hofmann said.
“As a result, they are taking steps to combat this threat, as reflected in the increasing investment in IT security,” he said. “In 2020, global cybersecurity spending totalled approximately $133.8 billion. For 2021, expenditures are estimated at around $150 billion.”
