FireEye incident responders and analysts are on the frontlines of numerous attacks every year. Whether it’s a minor incident or a crippling breach, many of these attacks have one thing in common: it all started with one email.
Email attacks continue to be a significant problem, especially for organizations. Employees use email all day, relying on it heavily for communication and productivity gains. That said, all it takes is one slip-up for an attacker to gain a foothold in an organization. Sometimes it’s as simple as unknowingly opening a malicious attachment or clicking a malicious URL within the body of an email. These days, we have seen a large uptick in the number of impersonation attacks, which happen when threat actors impersonate key individuals in order to trick other individuals into taking a specific action.
To learn more about how today’s attackers are targeting users via email, download our latest report, Get One Step Ahead of Email Threats: Email Threat Report for January-June 2018. The report contains a wide variety of information about the types of email threat trends that FireEye has been seeing during the first half of this year, including:
- Malware-less email attacks reign supreme: The majority of email attacks we’re seeing are malware-less, meaning organizations should expect more impersonation attacks and less emails containing ransomware as an attachment.
- Impersonation emails leading to phishing sites: Attackers are increasingly posing as important individuals in organizations and sending emails that contain malicious links. These links could host malware, or the site itself could be a phishing page used to steal credentials.
- A shift to friendly name impersonation: Attackers are favoring friendly name impersonation over domain name spoofing, likely because it is much easier to spoof the display name and username portion of an email header than to buy and register a domain.
On top of all that, we pulled a bunch of statistics from our research, and here are just a few that are discussed in the report: one out of every 101 emails is of malicious intent (an increase over the past six month period), 46 percent of ransomware attacks originate from email, and email is the point of entry for 91 percent of cyber attacks.
Learn more about today’s email threats by downloading the report today!