It has been reported that the number of emails carrying malware increased to a new high in July with one in every 359 emails carrying a malicious payload, according to Symantec’s July Intelligence Report.
July also saw increases in the number of phishing attempts and spam, but cybercriminals' increasing use of email to spread malware took center stage, reaching a level not seen since December 2016. IT security experts commented below.
Bill Evans at One Identity:
“Recently, the Symantec July Intelligence Report noted that there has been an increase in phishing attempts and spam. In addition, the report goes on to state there has been a resurgence in the use of email by cybercriminals to levels not seen since December 2016.
This really is not that surprising. Cybersecurity, cybercrime, cyberhacking – it’s all a very deliberate dance between the forces of good and evil. Each time the cyberbad guys make a change to their modus operandi (MO), the cybergood guys evolve their solutions to address the new challenge. As stated in the Symantec report, it appears that the cyberbad guys have now adapted their e-mail based malware to actually steal email addresses and essentially send itself out in a “respam” method. This adaptation will significantly increase the percentage of emails carrying malware. In the next phase of the dance, it can be assumed with some certainty that the cybergood guys will adapt their solutions to identify and block this sort of cybernuisance. And then the dance will continue.”
Mark James, Security Specialist at ESET:
“With so many of our devices now able to compose, send and receive emails from almost anywhere in the world, it’s no wonder that email is the number one attack vector for starting a cyber-attack. When that email lands in your inbox, regardless of whether you know it’s fake, there is often an urge to open it just to make sure. We as humans are naturally curious, we want to make sure, we want to believe others are trustworthy - but in the end it often proves to us what we and almost everyone else thinks; that so many emails are only there to trick us into spreading doom and gloom, either physically or metaphorically.
Teaching our users the need to understand, spot and report potentially dodgy emails is extremely important, and has proven its worth in gold. But it needs to happen consistently and evolve around current threats - the same lecture every morning will end up falling on deaf ears, but with current attack methods and real-life examples leading into reasons on how and why it can cause the worst case problems we often see leading to huge data breaches, can help the staff to become important members of the security team and not just the weakest link.
Emails are a very important part of not only our business life, but our personal as well. We need them and more often than not we have to open them - but spotting the good from the bad is not always as easy as it seems.”
Lee Munson, Security Researcher at Comparitech.com:
“Cyber criminals have used email to deliver bad things to unsuspecting victims ever since the technology first gained widespread adoption and the presence of malware across the messaging system is nothing new.
That Trojans and other nasties are now appearing at a faster rate than the recently popular phishing and ransomware attack vectors should be seen as troubling though.
Given the fact that recent press and security awareness commentary has been preoccupied by the former, many people could have taken their eyes off the ball where malware is concerned, potentially leaving their bank accounts at risk of fraud and their inboxes swamped by spam.
With 1 in every 359 emails containing a malicious payload, everyone should follow basic security tips such as checking the sender of every email they receive, not clicking on links in messages or opening attachments unless certain of their destination and never allowing macros to run on their devices.”
Javvad Malik, Security Advocate at AlienVault:
“It’s not surprising to see emails remain a favoured attack vector for criminals. The ease with which email lists can be obtained and spammed indiscriminately puts the odds in favour of the criminals. It also increases the likelihood of success as each recipient usually has more than one device upon which they would read the email.”
“We also continuously see email indicators being added to the Open Threat Exchange (OTX) on a regular basis which helps organizations to detect and respond to malicious emails. https://otx.alienvault.com/browse/pulses/?q=email&sort=-created”