Wednesday 30 / April / 2025
Muscat: One in every 101 emails in the first half of 2018 had malicious intent, according to an Email Threat Report released on Sunday by the FireEye, an intelligence-led security company.
Based on the analysis of a sample set of over half-a-billion emails from the first half of 2018, FireEye found that less than a third (32 per cent) of email traffic seen in the first half of 2018 was considered "clean" and actually delivered to an inbox.
The report also found that one in every 101 emails had malicious intent. When compared to the previous six-month period, the changes in both these numbers depicted that the email landscape continued to see an increase in email-based threats.
“Not only is email the most pervasive form of communication, it is also the most popular vector for cyber attacks. This makes email the biggest vulnerability for every organisation,” said Ken Bagnall, vice president of email security at FireEye.
“From malware to malware-less attacks, including impersonation attacks such as CEO fraud, a single malicious email can cause significant brand damage and financial losses. By choosing an email security solution with features based on real-time knowledge gained from the frontlines, and by teaching users to always ensure they are communicating with whom they think they are, organisations can better defend themselves against attacks,” added Bagnall.
With email security solutions focused on detecting malware, cyber criminals are now adapting their attacks, exposing organisations to malware-less assaults such as CEO fraud, he said.
In fact, the majority of attacks blocked (90 per cent) during analysis were malware-less, with phishing attacks alone making up 81 per cent of the blocked malware-less emails, almost doubling from January to June 2018.
Data also indicated that phishing attacks would continue to rise, while impersonation attacks (which were at 19 per cent) remained relatively proportional to the total number of attacks seen. With it only taking one email to potentially impact an entire organisation, the protection of this data must be taken seriously.
While the overall number of attacks stayed fairly consistent each month during the evaluated six-month period, a few notable trends stuck out relative to when and how attackers struck:
Relative to malware-based attacks, Mondays and Wednesdays were most common.
Malware-less attacks were most likely to occur on a Thursday, including domain name spoofing and attacks using a spoofed friendly user name, with the exception of newly existing domains, which peaked on Wednesdays instead.
Impersonation attacks were most likely to occur on a Friday.
When it came to the weekend, malware-less attacks continued to be more prevalent than malware-based attacks, with domain name spoofing attacks and newly existing domains being the most likely among them.
The FireEye Email Threat Report is the result of FireEye’s analysis of a sample set of over half-a-billion emails from January through June 2018.
FireEye is an intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organisations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,100 customers across 67 countries, including more than 45 per cent of the Forbes Global 2000.
