Malicious emails bypass SEGs every 45 seconds
New data from Cofense shows one malicious email bypassing customers' Secure Email Gateways (SEGs) every 45 seconds -- up from every 57 seconds in 2023.
The report also highlights the rapid rise in Remote Access Trojans (RATs) and the evolution of credential phishing techniques that exploit trusted platforms. Remcos RAT emerged as the predominant malware, using methods to bypass SEGs with ease.
In addition, open redirects using popular sites like TikTok and embedded QR codes in Office documents have contributed to an impressive surge in document-based phishing attacks.
"We continue to see threats bypassing perimeter email security defenses at an alarming rate, which is a clear indication that threat actors continue to innovate phishing campaigns faster than technology can stop them," says Josh Bartolomie, vice president of global threat services at Cofense. "It's time organizations rethink their approach to email security. Focus on solutions that combine technology and human insights, leveraging real-time threat intelligence to effectively combat emerging risks."
Malicious Office document usage has risen by almost 600 percent. Documents -- most notably .docx files embedded with phishing links or QR codes -- saw usage rise significantly. These attachments help attackers sidestep detection, increasing the likelihood of reaching user inboxes.
Data exfiltration tactics have changed too: domains using the .ru and .su TLDs saw usage increase by more than four times and 12 times, respectively. This trend points to a notable shift in how data exfiltration is approached within credential phishing efforts, reflecting an adaptive use of lesser-monitored TLDs.
Looking ahead, the report anticipates a rise in the use of GitHub as a means for bypassing SEGs, leveraging its credibility to avoid detection. Phishing campaigns with holiday themes are likely to increase too, tapping into seasonal consumer habits. As interest rates decrease, phishing efforts aimed at financial concerns such as US brokerage firms like Fidelity, Vanguard, and Charles Schwab may see growth.
There will be a webinar to discuss the findings tomorrow, November 20th, at 11am ET.