Email security threats are more dangerous than ever - here's what you need to know

A shocked girl sitting on sofa at home looking on laptop screen
(Image credit: Shutterstock)

The use of generative artificial intelligence (AI) tools such as Chat-GPT and the increasing popularity of cloud services have made spam and phishing emails infinitely more dangerous, new research has claimed.

A new report from the VIPRE Security Group found that as consumers started using the cloud more, so did hackers. Link-based malware delivery made up 58% of all malicious emails for the quarter, while attachments made up the remaining 42%. 

Cloud storage services have greatly developed as a malspam delivery method, too, accounting for 67% of all malspam delivery methods in the quarter, VIPRE said. Legitimate but compromised websites made up the remaining 33%.

Cloud and chatbots

At the same time, the use of generative AI tools made spam and phishing emails harder to spot. Usually, it was poor grammar, spelling mistakes, or weird formatting, that gave it away and allowed the victims to spot a phishing email before downloading an attachment or clicking a link. 

Now, with the help of AI tools such as Chat-GPT, hackers can create well-formatted, highly literate messages, that are indistinguishable from benign ones. This forces the victims to deploy additional countermeasures to combat the threat.

In general, VIPRE’s tools detected 233.9 million malicious emails in the third quarter of the year, alone. 110 million emails were attributed to malicious content, while 118 million to malicious attachments. Finally, 150,000 emails displayed “previously unknown behaviors” suggesting that hackers are constantly trying out new things and evolving their tactics for maximum performance.

Phishing and spam remain one of the most popular attack vectors for every hacker’s arsenal. They’re cheap to produce and deploy, and with a little luck, can reach large numbers of potential victims. Businesses are advised to educate their employees on the dangers of phishing, and to make sure they scrutinize every email coming in, regardless of who the sender is.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.