Trojans account for more than 70 percent of opportunistic email attacks
Analysis by Mimecast of 67 billion attack emails between April and June this year reveals that opportunistic attacks are dominated by Trojans, which make up 71 percent.
Targeted attacks are lower in volume but are specifically designed to get past commodity malware scanners by using newly detected or updated malware not detectable with file signatures.
The report notes a significant increase in impersonation attacks, leveraging well-known basic social engineering techniques to target individuals for fast and easy financial gain. Interestingly, the report cites that threat actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, a less secure communications channel.
Microsoft Excel is one of the most popular file types used to distribute malicious activity, as more than 40 percent of threats detected used files associated with it. File types associated with Microsoft Word were seen in nearly 15 percent of threats.
Spam is heavily used by threat actors as a way to distribute malware. Professional Education is the most targeted sector for spam, as it is likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness, along with the potential for attackers to get access to personal data. Attacks on management and Consulting, and biotechnology industries account for 30 percent of all impersonation attacks
"The cyberthreat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets. We've observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack -- yet, at the same time very simple attacks are also increasing significantly," says Josh Douglas, vice president of threat intelligence at Mimecast. "The mission of the Threat Intelligence Report is to help organizations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture."
You can find out more in the full report available from the Mimecast site.