VIPRE Security Group’s Q3 2024 Email Threat Trends Report reveals the increasing sophistication of email-based threats, particularly business email compromise (BEC) and malspam campaigns, which have intensified across industries. Analyzing 1.8 billion emails globally, of which 208 million were identified as malicious.
As email security advances, cybercriminals are using more sophisticated tactics to evade detection. They often disguise harmful attachments, such as PDFs and DOCX files, as harmless voicemails or urgent security updates to trick recipients.
VIPRE’s Chief Product and Technology Officer, Usman Choudhary, commented, “BEC and phishing attacks are becoming more targeted and convincing, highlighting the critical need for advanced cybersecurity measures and employee education—especially as cybercriminals prepare for the upcoming holiday season.”
Manufacturing Sector Under Siege
BEC incidents targeting the manufacturing sector climbed sharply from 2% in Q1 to 10% in Q3. VIPRE’s report suggests this increase may be due to the sector’s high reliance on mobile access, leaving employees more susceptible to phishing attacks while working remotely or on the go. Globally, the sectors most frequently targeted by BEC, phishing, and malspam emails this quarter were manufacturing (27%), energy (23%), and retail (10%).
BEC Scams are on the Rise with New Impersonation Tactics
In Q3, BEC attacks made up 58% of phishing threats, with impersonation tactics playing a central role. VIPRE reports that 89% of BEC attacks involved posing as authority figures—such as CEOs, executives, and IT staff—showcasing cybercriminals’ strategic understanding of organizational roles and exploitation of employee trust. Notably, 36% of BEC samples analyzed in Q3 were generated using AI, with cybercriminals leveraging generative AI to craft convincing BEC content. These findings underscore a heavy reliance on social engineering to deceive employees into sharing sensitive information or authorizing fraudulent transactions.
URL Redirection and Phishing Links
URL redirection continues to be a favored phishing technique, accounting for 52% of phishing attempts. By embedding a “clean” link in emails, attackers are able to redirect unsuspecting users to malicious sites, bypassing initial security screenings. This tactic further complicates email defenses, emphasizing the need for security solutions capable of analyzing URLs dynamically. Compared to the previous quarter, threat actors have increased their use of attachments in malicious campaigns (30% in Q3 versus 21% in Q2), with a corresponding slight decrease in the use of links and QR codes.
Redline Stealer: The Malware Family of the Quarter
For the third consecutive quarter, Redline Stealer emerged as the top malware family, primarily distributed via phishing emails. This malware targets sensitive data from web browsers, including login credentials and payment details, using a customizable file-grabber to focus on specific file types, which highlights its ongoing threat to organizations. Redline’s continued dominance illustrates the staying power of well-engineered malware and the ongoing need for proactive defense measures.
A Wake-up Call for Organizations
Cybercriminals are not just refining their techniques but also adapting to the existing defensive measures in place. The shifting focus from general malware to highly personalized BEC scams requires organizations to stay vigilant and responsive to emerging threats. These findings underscore the urgent need for businesses to invest in adaptive, behavior-focused security tools and to cultivate a culture of security awareness. Implementing multi-layered email defenses and advanced threat detection will be essential in countering the evolving tactics of cybercriminals.
For further insights and details, access the full VIPRE Q3 2024 Email Threat Report.
Dilki Rathnayake is a cybersecurity content writer and the Managing Editor at Information Security Buzz, with a BSc in Cybersecurity and Digital Forensics. She is skilled in computer network security and Linux system administration. Dilki has also led awareness programs and volunteered for communities promoting best practices for online safety.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.