Malware-less email attacks on the rise -- especially on Thursdays
As email security solutions focus on detecting malware, cybercriminals are now adapting their attacks, exposing organizations to more malware-less assaults such as CEO fraud.
The report by intelligence-led security company FireEye is based on analysis of a sample set of over half-a-billion emails from the first half of 2018. It finds only 32 percent of email traffic seen was considered 'clean' and actually delivered to an inbox. The report also finds that one in every 101 emails had malicious intent.
"Not only is email the most pervasive form of communication, it is also the most popular vector for cyberattacks. This makes email the biggest vulnerability for every organization," says Ken Bagnall, vice president of email security at FireEye. "From malware to malware-less attacks including impersonation attacks like CEO fraud, a single malicious email can cause significant brand damage and financial losses. By choosing an email security solution with features based on real-time knowledge gained from the frontlines, and by teaching users to always ensure they are communicating with who they think they are, organizations can better defend against attacks."
The majority of attacks blocked during analysis (90 percent) were malware-less, with phishing attacks alone making up 81 percent of the blocked malware-less emails, almost doubling from January to June 2018. The data also indicates that phishing attacks will continue to rise, while impersonation attacks (which were at 19 percent) remain relatively proportional to the total number of attacks seen.
Among other interesting trends are that Mondays and Wednesdays are the days most likely to see malware-based email attacks, while Thursdays see more malware-less attack emails. Impersonation attacks tend to occur on Fridays.
The full report is available on the FireEye website and you can see a summary of the results in the infographic below.