The Latest FireEye News
Product and Solution Information, Press Releases, Announcements
|New FireEye Email Threat Report Underlines the Rise in Malware-less Email Attacks|
|Posted: Wed Sep 12, 2018 08:24:08 AM|
FireEye research reveals two-thirds of email traffic wasn’t ‘clean’ during the first half of 2018
MILPITAS, Calif., September 12, 2018 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today released the results of its Email Threat Report. Based on the analysis of a sample set of over half-a-billion emails from 1H 2018, FireEye found that less than a third (32%) of email traffic seen in the first half of 2018 was considered ‘clean’ and actually delivered to an inbox. The report also found that 1 in every 101 emails had malicious intent. When compared to the previous six-month period, the changes in both these numbers depict that the email landscape continues to see an increase in email-based threats.
“Not only is email the most pervasive form of communication, it is also the most popular vector for cyberattacks. This makes email the biggest vulnerability for every organization,” said Ken Bagnall, vice president of email security at FireEye. “From malware to malware-less attacks including impersonation attacks like CEO fraud, a single malicious email can cause significant brand damage and financial losses. By choosing an email security solution with features based on real-time knowledge gained from the frontlines, and by teaching users to always ensure they are communicating with who they think they are, organizations can better defend against attacks.”
Email reliance continues; cyber criminals adapt
With email security solutions focused on detecting malware, cyber criminals are now adapting their attacks, exposing organizations to malware-less assaults such as CEO fraud. In fact, the majority of attacks blocked (90%) during analysis were malware-less, with phishing attacks alone making up 81% of the blocked malware-less emails, almost doubling from January to June 2018. Data also indicates that phishing attacks will continue to rise, while impersonation attacks (which were at 19%) remain relatively proportional to the total number of attacks seen. With it only taking one email to potentially impact an entire organization, the protection of this data must be taken seriously.
Other notable email attack trends
While the overall number of attacks stayed fairly consistent each month during the evaluated six-month period, a few notable trends stuck out relative to when and how attackers struck:
Methodology and resources
The FireEye Email Threat Report is the result of FireEye’s analysis of a sample set of over half-a-billion emails from January through June 2018. For more information about ever-evolving malware and malware-less email attacks, in-depth analysis of impersonation attacks and the current tactics being used by the cyber criminals, check out this infographic, or download the full FireEye Email Threat Report.