E-mail remains the favorite entry route for cybercriminals, both for spreading malware and for collecting identification data through phishing. And the situation is far from improving: according to cybersecurity company Trend Micro, malware transmitted by email increased by 196% in 2021 compared to the previous year.
Some 74.1% of all threats blocked by Trend Micro in 2021 were threats delivered through our email boxes, while its products blocked more malware delivered to websites. The cybersecurity firm has also seen a sharp increase in the spread of malware – both known and unknown so far – which has increased by 134% and 221% respectively year-on-year.
Another notable trend in 2021, attacks on cryptocurrency wallets have become widespread enough that Microsoft is now trying to promote the name “cryware” for this type of information-stealing malware. Ransomware threats delivered via email decreased in 2021 as attackers moved from mass campaigns with small demands aimed at individuals to highly targeted efforts involving larger ransom amounts to decrypt files.
BECs are popular
Trend Micro’s cloud security app detected and blocked 101,215 ransomware files, down 43.4% from the instances it detected in 2020. Ransomware gangs have long favored hotspots. end insecure Windows RDP to compromise targets. The security firm detected 6.2 million attempts to steal victim credentials in phishing emails, up 15.2% year-on-year.
Business email compromise (BEC) trends are very difficult to identify. According to Trend Micro, BEC detections decreased by 10.61% compared to the previous year. However, the FBI says for its part that these types of attacks targeting professional emails cost companies a whopping $2.4 billion in 2021, up from $1.8 billion in 2021. 2020.
This is not without reason: for the US federal agency, BECs are much more lucrative than ransomware. Scammers who specialize in this type of attack mainly rely on sophisticated and targeted social engineering to convince employees to authorize unwanted transfers. “Reducing BEC victims does not equate to lower profits for cybercriminals,” notes Trend Micro.
Source: ZDNet.com