SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Email Security
#
Microsoft
#
Amazon
Hornetsecurity analysis reveals surge in email threats
Thu, 30th Nov 2023
Author image
By Shannon Williams, Journalist
Follow us

The Cyber Security Report 2024 by Hornetsecurity analyses the nature of email threats observed over the previous year, revealing trends and forecasts for the upcoming year.

Hornetsecurity's report reveals that the use of malicious web links in emails has surged by 144% in 2023, compared to the previous year. As a result, malicious URLs jumped from constituting 12.5% of all threats in 2022, to an alarming 30.5% in 2023. The analysis is based on an examination of a staggering 45 billion emails.

Despite this alarming rise in malicious URL usage, it's the phishing technique that remains the most prevalent ilk of email attacks. The occurrence of such attacks has marginally increased by 4 factor points this year, moving from 39.6% in 2022 to 43.3% of all email-based attacks in 2023.

Daniel Hofmann, CEO of Hornetsecurity, shed light on the findings of the report, saying, "Email continues to be one of the key methods of attack that threat actors use. The boom in malicious web links and steady rise in phishing demonstrates that organisations cannot underestimate the damage such threats can cause."

According to the comprehensive analysis, over a third (36.4%) of the 45 billion emails were categorised as unwanted, with 3.6% (over 585 million) identified as malicious.

Shifting tactics of cyber criminals were highlighted too. Following Microsoft's move to disable macros by default in Office, criminals significantly curtailed the use of DOCX and XLSX files, instead preferring HTML files, PDFs and Archive files, with HTML file usage notably up by 76.6% over the previous year.

As for brand impersonation, shipping and e-commerce emails were found to be particularly deceptive. DHL, Amazon, and Fedex accounted for a sizable portion of all fraudulent email impersonations, with 26.1%, 7.7%, and 2.3% respectively.

Hofmann added, "Taking a reactive approach, responding only to specific threats or after falling victim to them, leaves businesses vulnerable. Businesses need a zero-trust mindset and should adopt all-encompassing security services. Our research highlights the adaptability of cybercriminals, and the rapid shifts that have taken place in the last year."

While virtually all businesses are at risk from email threats, industries such as research, entertainment, and manufacturing face increased danger due to the nature and value of the data they handle or the infrastructure they use.

The comprehensive Cyber Security Report 2024 provides a wealth of information and goes on to predict trends for the coming year, underscoring the importance of vigilance and dynamic responding in the face of these unpredictable threats.

Related stories
AI & ML form critical defence against digital deception
Firms outsource new email security measures implementation
Telegram users targeted in cryptocurrency scam, Kaspersky reports
AI scams prompt need for advanced fraud-detection technologies
Legit Security announces strategic partnership with GuidePoint Security
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds