Malware sent to emails surged by 196% between 2020 and 2021, accounting for 74.1% of all threats averted by Trend Micro last year, reports ZDNet.
Unknown malware strains increased by 221% year-over-year, while known malware rose by 134% during the same period, with the Emotet botnet, Panda Stealer malware, Qakbot, and a South America-targeting advanced persistent threat operation being the most pervasive email threats last year, a study from Trend Micro revealed.
While Trend Micro was able to detect and thwart 43.4% fewer email-sent ransomware files in 2021 than in 2020, it was able to identify 15.2% more credential exfiltration attempts. Moreover, year-over-year detections of business email compromise attacks dropped by 10.61% even though the FBI reported BEC costs rising from $1.8 billion to $2.4 billion between 2020 and 2021.
"The reduction in BEC victims doesn't equate to a dip in cyber criminal profits," said Trend Micro in its report.
Sixty thousand emails from U.S. State Department accounts were noted by a staffer working for Sen. Eric Schmitt, R-Mo., to have been exfiltrated by Chinese threat actors during the widespread compromise of Microsoft email accounts that commenced in May, according to Reuters.
Threat actors have leveraged the ZeroFont phishing attack technique, which initially involved the insertion of hidden characters or words in emails to evade security detection systems, to modify message previews as shown on Microsoft Outlook and other email clients, BleepingComputer reports.
BleepingComputer reports that individuals who have filed claims against bankrupt cryptocurrency lender Celsius have been subjected to phishing attacks involving the impersonation of the lender's claims agent, Stretto.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news