VIPRE Security Group’s Q3 2023 Email Threat Report Reveals PDFs, Callback Phishing and Malware Via Google Drive Growing in Popularity Among Criminals
VIPRE Security Group released its Q3 Email Threat Trends Report 2023. Analysing nearly two billion emails, the report finds that cybercriminals are adapting their methods to reflect changing consumer habits, alongside capitalising on evolving technology to deceive and evade getting caught.
c boguslaw mazur
Threat actors are increasingly hiding malicious links in Google Drive and other cloud storge spaces; PDFs as a malspam delivery tool have more than quadrupled since Q1 this year, and callback phishing and user-friendly Redline malware is on the rise. ChatGPT continues to improve phishers’ ability to dupe, and LinkedIn Slink is an unforeseen malicious workaround.
Key highlights of the report include:
233.9 million malicious emails detected in Q3 2023
110 million emails attributed to malicious content, 118 million to malicious attachments
150,000 emails displayed previously unknown behaviours.
Threat actors favour link-based delivery (58%) over attachments (42%).
Combined heuristic approaches detected roughly ten times more spam instances than a similar signature-based detection approach
It’s clear from these findings that email threats remain a thorn in the side of cybersecurity teams. The 150,000 emails containing newly created exploits represent a concerning shift in the landscape.
Cybercriminals are also changing their delivery methods to reflect changing consumer habits. As cloud storage services have grown in popularity, so have they developed as a malspam delivery method, accounting for 67% of all malspam delivery methods in Q3 2023. Legitimate, compromised websites made up the remaining 33%.
Leveraging combined heuristics (Yara Rules) to significant effect in Q3 2023, VIPRE identified over one million spam incidents across two distinct subsets: legacy heuristic rules caught 810,000, while new heuristic rules reeled in more than 72,000. To put this into p ..
Support the originator by clicking the read the rest link below.