Email is one of the most essential and widely used communication tools in business. It is also one of the most vulnerable to cybercrime and a major contributor to malware. Hackers are increasingly using email to access private company information.
Email is one of the most vulnerable vectors to cybercrime.
According to Global Threat Intelligence Center’s 2017 Quarterly Threat Intelligence Report, the vector for 67% of the malware reported was email. Most of this malware was ransomware—which is particularly problematic for SMBs.
Phishing and Spear-Phishing
According to IBM’s most recent threat intelligence index, the volume of spam emails increase 4x in 2016 and it additional reports confirm that phishing rates have increased across all organization sizes and industries.
Ransomware + Spear-Phishing = Deadly Combination
Successful phishing and spear-phishing attacks provided the social engineering to enable several significant ransomware attacks this year. In fact, this lethal combination is becoming ever-more common.
93% of phishing emails contain or lead to ransomware according to a recent study by PhishMe.
Thousands fell victim to a Google Docs phishing scam in May that tricked users into opening a fake shared document that sought permission to access personal accounts. Those that provided authorization gave free access to their account, password, contact and email information.
In May, a phishing expedition attacked the email accounts of personnel within the Human Resources department at media company Gannet, compromising personal data of more than 18,000 current and former employee accounts. The breach was discovered by Gannett’s finance team when a compromised account attempted to make a fraudulent corporate wire transfer.
DocuSign, a digital transaction management platform used by more than 300,000 companies and over 200 million users to sign, send, and manage documents, found its customers victim to an email phishing scam this year. When opening a Word document requesting a signature, recipients inadvertently installed malicious software. While the company did not disclose the number of affected customers, they did state that their document verification service remained untouched so customer documents were safe.
All of these attacks could have been prevented if organization had a robust predictive email security solution in place.
Watch Out for Locky, Cerber and Jaff Ransomware
Several ransomwares dominate the market:
- Locky: malicious macros are attached to Word docs delivered by spam emails. An email masquerades as an invoice for payment on a product or service. <