It has been reported that the number of emails carrying malware increased to a new high in July with one in every 359 emails carrying a malicious payload, according to Symantec’s July Intelligence Report.
July also saw increases in the number of phishing attempts and spam, but the increasing use by cybercriminals of email to spread malware took center stage reaching a level not seen since December 2016. IT security experts commented below.
Bill Evans at One Identity:
This really is not that surprising. Cybersecurity, cybercrime, cyberhacking – it’s all a very deliberate dance between the forces of good and evil. Each time the cyberbad guys make a change to their modus operandi (MO), the cybergood guys evolve their solutions to address the new challenge. As stated in the Symantec report, it appears that the cyberbad guys have now adapted their e-mail based malware to actually steal email addresses and essentially send itself out in a “respam” method. This adaptation will significantly increase the percentage of emails carrying malware. In the next phase of the dance, it can be assumed with some certainty that the cybergood guys will adapt their solutions to identify and block this sort of cybernuisance. And then dance will continue.”
Mark James, Security Specialist at ESET:
Teaching our users the need to understand, spot and report potentially dodgy emails is extremely important, and has proven its worth in gold. But it needs to happen consistently and evolve around current threats- the same lecture every morning will end up falling on deaf ears, but with current attack methods and real life examples leading into reasons on how and why it can cause the worst case problems we often see leading to huge data breaches, can help the staff to become important members of the security team and not just the weakest link.
Emails are a very important part of not only our business life, but our personal as well. We need them and more often than not we have to open them- but spotting the good from the bad is not always as easy as it seems.”
Lee Munson, Security Researcher at Comparitech.com:
That Trojans and other nasties are now appearing at a faster rate than the recently popular phishing and ransomware attack vectors should be seen as troubling though.
Given the fact that recent press and security awareness commentary has been preoccupied by the former, many people could have taken their eyes off the ball where malware is concerned, potentially leaving their bank accounts at risk of fraud and their inboxes swamped by spam.
With 1 in every 359 emails containing a malicious payload, everyone should follow basic security tips such as checking the sender of every email they receive, not clicking on links in messages or opening attachments unless certain of their destination and never allowing macros to run on their devices.”
Javvad Malik, Security Advocate at AlienVault:
“We also continuously see email indicators being added to the Open Threat Exchange (OTX) on a regular basis which helps organizations to detect and respond to malicious emails. https://otx.alienvault.com/browse/pulses/?q=email&sort=-created ”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.