VIPRE Security Group releases its Q1 Email Threat Trends Report 2023

383 Views

VIPRE Security Group today announced the release of its Q1 Email Threat Trends Report 2023. This release provides the community with exhaustive up-to-date research on one of the most pervasive and enduring forms of cybercrime. VIPRE researchers worked tirelessly throughout early 2023, analysing almost 2 billion emails to deliver the Email Threat Trends Report 2023: Q1 and aid the industry in its never-ending battle against email-based attacks and tackle the ever-present email security issue.

Key findings from the report include:

  • Financial institutions (25%) were the most targeted sector
  • 77% of phishing emails utilised malicious links
  • The vast majority (76%) of spam emails originated in the United States
  • Researchers detected over 100,000 new to the wild malicious emails with no known signature

Of those 2 billion emails, VIPRE classified 228,000, or 5% as spam. Of those spam emails, 137,000 were attributable to content, suggesting that scammers prefer to coerce their victims into performing an action, such as transferring money, to clicking an infected link or attachment. Scammers likely favour spam emails attributable to content because potential victims are increasingly wary of opening attachments or clicking links, making these techniques less effective.

Over one in four (28%) of those spam emails belonged to a phishing campaign, with 77% utilising nefarious links and 23% leveraging malicious attachments. Suspicious links likely came out on top because most phishing-as-a-service (PaaS) providers favour URLs over attachments for their pre-built phish kits. Interestingly, malicious links attributed to compromised websites increased by 26% over the past year, suggesting that sketchy URLs now perform better than suspect attachments. Cybercriminals leveraged these websites by: 

  • Embedding malicious scripts into forms on the website
  • Causing a malware agent to download upon clicking
  • Swapping legitimate hyperlinks for malicious ones

However, 97% of malspam emails contained malicious attachments, while only 3% contained malicious links, suggesting that malspammers have had more historical success with attachments when compared to links.

“Despite being one of the more rudimentary attack techniques, email-based threats continue to make headlines and bring the world’s largest companies to their knees,” said Usman Choudhary, Chief Product and Technology Officer, VIPRE.  “It’s not enough to offer uninformed, checkbox security awareness training; organisations must tailor their approaches according to up-to-date research.”

Unsurprisingly, financial institutions (25%) are still the most targeted sector, followed closely by healthcare (22%) and education (15%) providers. Cybercriminals like to target financial institutions and education due to the vast amounts of sensitive data they handle; healthcare providers are a favoured target for deploying ransomware as business continuity is essential and are likely to pay ransoms.

More surprisingly, however, 76% of spam emails originated in the United States, contradictory to the assumption that cybercrime typically originates in non-western countries. Russia surprisingly didn’t even make it into the top three, despite topping the list three years ago. However, it’s important to remember that spammers will often deliberately obfuscate their geographical location to suggest they are in the US, skewing the results.

Regarding impersonated brands, Microsoft was way out in front in Q1 2023, being impersonated almost three times more than other top brands like DHL, WeTransfer, and Apple. This discrepancy is likely due to the massive increase in cybercriminals exploiting Microsoft OneNote in February.

Most concerning, VIPRE found over 100,000 new to the wild malicious emails with no known signatures. VIPRE uncovered these emails with behavioural detection technology, meaning that basic, signature-based email security tools would have failed to detect them. It’s clear that email threats aren’t going anywhere any time soon – and could even be getting worse.

“An extraordinary amount of effort, international resources, experienced analysis, and enterprise-level technology has gone into producing this report. We occupy a unique position in the email security space and are dedicated to offering our expertise and intelligence to SMEs who would otherwise be left in the dark,” Choudhary continued.

To read the full Email Threat Trends Report 2023: Q1, download the full report here.