Cibersecurity: Why enhanced e-mail protection is the need of the hour?
Trend Micro Inc., a global cybersecurity leader reports that it has blocked over 33.6 million cloud email threats in 2021. This is a whopping 101% increase from the previous year while e-mail remains a top point of entry for cyber attacks. E-mail is very widely used and especially during the pandemic workplaces around the world depended on e-mail as their preferred mode of communication and for the malware handlers this e-mail proved to be a low effort, yet high reward mode of attack vector to spread malware. The company says e-mail was preferred by the cybercriminals not only for its simplicity, but also for its efficacy. Figures show that 74.1% of the total threats blocked by Trend Micro in 2021 are email threats. Last year, the biggest increase was noticed for emails carrying previously unidentified malware by about 221%. Among known malware, email security services blocked 3.3 million malicious files which is 134% more compared to 2020. For phishing, 16.5 million attacks were blocked, representing a 138% increase year-on-year and credential phishing attacks rose 15%, to 6.3 million instances. The company says the data was collected over the course of 2021 from products that supplement native protection in collaboration platforms such as Microsoft 365 and Google Workspace.
Another potent malware that garnered attention last year was the Panda Stealer. This malware targets mainly cryptocurrency wallets and steals credentials via spam emails. The nefarious attackers primarily targeted South American companies using fraudulent emails impersonating Colombia’s National Directorate of Taxes and Customs and even fake infidelity email lures. QAKBOT, another malware that had also been dormant for a while resumed their campaign in late 2021 after an almost three-month hiatus. The malware handler was sending malicious e-mails to victims leading them to SquirrelWaffle (another malware loader) and QAKBOT. The company also observed the distributor was conducting brute-force attacks on Internet Message Access Protocol (IMAP) services and security researchers speculate that “TR” uses ProxyLogon to acquire credentials to carry out these attacks.
A solitary silver lining in the report is that ransomware attacks have continued to decline this year as well. Last year, the Trend Micro Cloud App Security solution detected and blocked 101,215 ransomware files which is a 43.4% decrease compared to 2020’s detections. The main reasons attributed to the decline is modern ransomware are adept at highly targeted and planned attacks aimed at bigger profits unlike legacy ransomware that focuses on the quantity of victims, so the attacks have come down in recent times. Cybersecurity solutions have identified and blacklisted a number of ransomware affiliate tools like TrickBot and BazarLoader which could have prevented ransomware attacks from being successfully executed on victim environments.
The report also notes that Business E-mail Compromise (BEC) attacks have also fallen by 11%, but on the flip side there was an 83% spike in BEC threats detected using Trend Micro’s AI-powered writing style analysis feature, indicating that these scams may be getting more sophisticated. The company’s research has found that BEC campaign impersonated and targeted ordinary employees for money transfers and bank payroll account changes, so the unsuspecting victims are likely to give access. FBI reports that BEC cost businesses $2.4 billion in 2021, which is an increase from $1.8 billion in 2020. FBI reiterates that BEC is one of the most preferred ransomware by the cybercriminals. Trend Micro further echoes the point in their report saying, “the reduction in BEC victims doesn’t equate to a dip in cyber criminal profits.”
- Trend Micro Cloud App Security Threat Report 2021 – Trend Micro
- Sell your used electronic device online – iGotOffer
Trend Micro Cloud App Security Overview [Video]
Video uploaded by Trend Micro on April 15, 2021