FireEye Stories Blog

FireEye Email Threat Update: How Attackers are Getting Ahead in the Cloud

Attackers are constantly adapting their tactics to get past email security defenses. Bad actors are following where the money goes, with an arsenal of tools at their disposal. That’s why as companies migrate to the cloud, we see more attackers exploiting cloud services to perpetrate their attacks.

Today at FireEye Cyber Defense Summit we released our latest email threat update. The analysis of more than two billion emails is visually depicted within our new infographic (these findings are the result of FireEye analysis against a sample set of more than two billion emails from April through June 2019).

To summarize, we have identified several significant themes:

  • Attackers Are Getting Ahead in the Cloud: As companies continue migrating to the cloud, bad actors are abusing cloud services to deploy phishing attacks. Some of the most common tactics include hosting Microsoft-themed phishing pages with Microsoft Azure, nesting embedded phish URLs in documents hosted on popular file sharing services, and establishing phishing URL redirects on popular email delivery platforms.

  • Microsoft Continues to Be the Most Popular Brand Used in Phishing Lures: A typical phishing email impersonates a well-known contact or trusted company to induce the recipient to click on an embedded link, with the ultimate goal of credential or credit card harvesting. FireEye saw Microsoft- and Office 365-themed phishing attacks increase by 181 percent from Q1 2019 to Q2 2019, as Microsoft continues to be the most popular brand utilized in phishing attacks with 68 percent of all phishing detections.

  • Entertainment/Media/Hospitality Most Targeted Vertical: Q2 saw a shakeup in the most targeted vertical industries. Entertainment/Media/Hospitality has stolen the number one spot from Financial Services, which dropped to number two. Other highly targeted verticals for email-based attacks include Manufacturing, Service Providers, Telecom, State & Local Government, Services/Consulting, and Insurance.

Check out our infographic for more information on the changing email threat landscape, including the top ways attackers are evading detections.