Despite cybercriminals embracing advanced hacking techniques to target the cloud (opens in new tab), classic email attacks still remain very popular - and effective.
A new report from Trend Micro found malware-laden emails and other types of email-borne attacks skyrocketed last year, with high-risk email (opens in new tab) threats rising 32% in 2020 compared to the year before. Detections of malware (opens in new tab), credential theft and phishing emails all recorded double-digit year-on-year increases last year, while business email compromise volumes dropped slightly.
The company alone detected 1.2 million malware-laden emails (16% up on 2019) which it claims would have otherwise made it into people’s inboxes. In many cases, criminals were distributing Emotet and Trickbot, often a stepping stone towards targeted ransomware (opens in new tab) attacks.
- We've assembled a list of the best ID theft protection (opens in new tab) tools around
- These are the endpoint protection tools (opens in new tab) on the market
- Also check out our roundup of the best firewall (opens in new tab) services
Phishing emails also rose by 19% year-on-year, hitting 6.9 million. Discounting credential phishing, Trend Micro says, the number of threats in this category spiked 41% in a year.
Covid-19 remains the topic of choice
As expected, Covid-19 was a popular theme among criminals, as were digital services such as Netflix that saw a surge in popularity due to working from home (opens in new tab). Criminals were mostly out for personal and financial information that they could monetize.
When it comes to stealing credentials, these attempts rose 14% since 2019, and with 5.5 million attempts, it accounted for most of detected phishing emails, with criminals often following up on these emails with a phone call.
Business email compromise (BEC) emails became something of a light at the end of the tunnel. This type of attack declined 18% year-on-year. However, the successful attacks became more lucrative, as losses rose by almost half (48%) between the first and second quarter of 2020.
To remain secure, organizations should consider a comprehensive multilayered security solution, Trend Micro argues. “It supplements the pre-existing security features in email and collaboration platforms,” it added, “by using machine learning to analyze and detect any suspicious content in the message body and attachments of an email.”
- We've also highlighted the best antivirus (opens in new tab)