Anzeige
Mehr »
Login
Donnerstag, 07.11.2024 Börsentäglich über 12.000 News von 674 internationalen Medien
4.000 Meilen, um herauszufinden, warum der „Warren Buffett des Bergbaus" in diese Kupferaktie investierte
Anzeige

Indizes

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Aktien

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Xetra-Orderbuch

Fonds

Kurs

%

Devisen

Kurs

%

Rohstoffe

Kurs

%

Themen

Kurs

%

Erweiterte Suche
PR Newswire
271 Leser
Artikel bewerten:
(1)

VIPRE Security Group: Business Email Compromise (BEC) Impersonation: The Weapon of Choice of Cybercriminals, Finds VIPRE's Q3 2024 Email Threat Report

BEC attacks targeting the manufacturing sector increase to 10%; use of attachments is getting 'sneakier'; and Redline is the malware family of the quarter.

LONDON, Oct. 28, 2024 /PRNewswire/ -- VIPRE Security Group, a global leader and award-winning cybersecurity, privacy, and data protection company, has released its Q3 2024 Email Threat Trends Report, shedding light on the evolving cybersecurity landscape. This comprehensive analysis of real-world data reveals the sophisticated strategies and techniques employed by cybercriminals, with a particular persistent focus on the highly lucrative tactic of business email compromise (BEC). VIPRE processed 1.8 billion emails globally, of which 208 million were malicious.

BEC impersonation weaponisation

In this third quarter of 2024, cybercriminals intensified their efforts to exploit organisational vulnerabilities through employee deception. BEC scams surged, accounting for 58% of phishing attempts. Notably, 89% of these BEC attacks involved impersonation of authority figures, including CEOs, senior executives, and IT staff, underscoring the sophisticated tactics employed by malicious actors.

BEC aims for the manufacturing sector

The manufacturing sector saw a significant rise in BEC attacks, potentially driven by financial fraud. These incidents increased from just 2% in Q1 to 10% in Q3 this year. This rise may be attributed to the industry's widespread use of mobile sign-ins at various worksites. Employees accessing systems "on the go", often under pressure to meet production deadlines, are more susceptible to phishing attempts.

Subtler tactics are a larger threat

Email threats in Q3 were dominated by scams (34%), commercial spam (30%), and phishing (20%). These email threats overshadowed ransomware and malware combined, which comprised less than 20% of all email attacks. Interestingly, despite their lower prevalence, ransomware and malware continue to receive disproportionate attention from the cybersecurity industry.

Sneakier attachments

To counter advancing email security solutions, criminals are deploying increasingly more intricate methods to bypass defenses. Attackers are employing sneakier techniques such as disguising malicious attachments as voicemail recordings or critical security updates to lure unsuspecting users into downloading them.

Additionally, Microsoft PDFs and .DOCX files remain the most common forms of malicious attachments. In Q3 2024, 2.18 million emails were detected containing harmful attachments, marking a 30% increase from the previous quarter's 21% attachment-based attacks.

Phishing links and compromised websites

Cybercriminals continue to favour the URL redirection technique, a tactic that typically proves effective at evading security controls. This deceptive ploy utilises a "clean" URL within the body of the email, which then redirects unsuspecting users to a malicious one once inside. In Q3 2024, URL redirection accounted for 52% of such attacks, leading victims to meticulously crafted fraudulent websites designed to appear authentic, and gain trust.

Malspam pendulum swing from malicious links to attachments

When it comes to malspam, there is a pendulum swing from a preference for malicious links to attachments. During Q3, malspam efforts were centered on malicious attachments (64%), while only 36% employed a link. The attachment formats used were predominantly LNK, ZIP, and DOCX. Only a quarter ago, links were the tool of choice by a factor of nearly nine-to-one (86% links to 14%).

The 'Malware Family of the Quarter' goes to Redline

Redline is the top malspam family of Q3 2024, a spot it has maintained since the corresponding quarter in 2023. RedLine is designed to steal sensitive information from web browsers, such as credentials and payment data. Typically distributed via phishing emails or malicious websites, it sends stolen data to a command-and-control server controlled by the attacker. It can completely take over a compromised machine and uses multiple infiltration methods.

"The findings of this report yet again illustrate the sophistication of criminal tactics. BEC email and phishing attacks are becoming more targeted and convincing," Usman Choudhary, CPTO, VIPRE Security Group, says. "Additionally, malware distribution through malicious spam campaigns continues to pose a serious threat to organisations. These findings stress the critical need for robust cybersecurity measures and ongoing employee education to combat these evolving threats, especially as bad actors gear up for the upcoming holiday season - Black Friday, Thanksgiving, Christmas, and New Year."

To read the full report, click here: VIPRE's Email Threat Trends Report: Q3 2024.

VIPRE leverages its vast understanding of email security to equip businesses with the information they need to protect themselves. This report is based on proprietary intelligence gleaned from round-the-clock vigilance of the cybersecurity landscape.

About VIPRE Security Group

VIPRE Security Group, part of Ziff Davis, Inc., is a leading provider of internet security solutions purpose-built to protect businesses, solution providers, and home users from costly and malicious cyber threats. With over 25 years of industry expertise, VIPRE is one of the world's largest threat intelligence clouds, delivering exceptional protection against today's most aggressive online threats. Our award-winning software portfolio includes next-generation antivirus endpoint cloud solutions, advanced email security products, along with threat intelligence for real-time malware analysis, and security awareness training for compliance and risk management. VIPRE solutions deliver easy-to-use, comprehensive layered defense through cloud-based and server security, with mobile interfaces that enable instant threat response. VIPRE is a proud Advanced Technology Partner of Amazon Web Services operating globally across North America and Europe.

The group operates under various brands, including VIPRE®, StrongVPN®, IPVanish®, Inspired eLearning®, Livedrive®, and SugarSync®. www.VIPRE.com

Cision View original content:https://www.prnewswire.co.uk/news-releases/business-email-compromise-bec-impersonation-the-weapon-of-choice-of-cybercriminals-finds-vipres-q3-2024-email-threat-report-302287491.html

© 2024 PR Newswire
Tenbagger-Chance mit der nächsten BioNTech

Erinnern Sie sich, als Moderna und BioNTech von unbekannten Unternehmen zu globalen Marktführern wurden und frühzeitige Investoren reich belohnt haben?

Die Branche steht vor einem erneuten Innovationsschub – von bahnbrechenden Medikamenten bis hin zu revolutionären Therapien.

Warum sollten Sie dabei sein?

Sie sollten jetzt in Biotech-Aktien einsteigen, weil wir am Beginn einer neuen Ära der medizinischen Innovation stehen könnten! Gen- und Zelltherapien, personalisierte Medizin und bahnbrechende Technologien könnten das Gesundheitswesen revolutionieren – und die Aktienkurse in die Höhe schießen lassen.

Die nächste Erfolgsgeschichte im Biotechbereich warten nur darauf, entdeckt zu werden. Wer jetzt investiert, hat die Chance, von gigantischen Durchbrüchen und enormen Renditen zu profitieren. Warten Sie nicht, bis es zu spät ist - der nächste Biotech-Superstar könnte morgen schon durchstarten!

Verpassen Sie nicht diese Chance!

Fordern Sie sofort unseren brandneuen Biotech-Spezialreport an und erfahren Sie, welche 3 Biotech-Aktien das riesige Potenzial haben, Ihren finanziellen Erfolg zu sichern. Dieser Report ist komplett kostenlos und zeigt Ihnen zukunftsträchtige Investments im Biotech-Sektor.

Handeln Sie jetzt und sichern Sie sich Ihren kostenfreien Report!

Werbehinweise: Die Billigung des Basisprospekts durch die BaFin ist nicht als ihre Befürwortung der angebotenen Wertpapiere zu verstehen. Wir empfehlen Interessenten und potenziellen Anlegern den Basisprospekt und die Endgültigen Bedingungen zu lesen, bevor sie eine Anlageentscheidung treffen, um sich möglichst umfassend zu informieren, insbesondere über die potenziellen Risiken und Chancen des Wertpapiers. Sie sind im Begriff, ein Produkt zu erwerben, das nicht einfach ist und schwer zu verstehen sein kann.