2nd Edition

Tracking the trends and news for IT and IT Security

Paul Davis

VIPRE Security Group’s Q3 2023 Email Threat Report Reveals PDFs, Callback Phishing and Malware Via Google Drive Growing in Popularity Among Criminals

VIPRE Security Group’s Q3 2023 Email Threat Report Reveals PDFs, Callback Phishing and Malware Via Google Drive Growing in Popularity Among Criminals>
Vipre Press Release
The Q3 Email Threat Trends Report 2023 by VIPRE Security Group highlights the evolving methods adopted by cybercriminals in response to changing consumer habits and advancements in technology.
The report analyzed nearly two billion emails and identified several key findings:
1) Malicious Links: Threat actors are increasingly concealing malicious links in Google Drive and other cloud storage spaces.
This method accounted for 67% of malspam delivery methods in Q3 2023)
2) PDFs as Malspam: The use of PDFs as a malspam delivery tool has quadrupled since Q1 2023)
3) Callback Phishing and Redline Malware: Callback phishing and user-friendly Redline malware are on the rise.
4) ChatGPT Influence: ChatGPT, a generative AI tool, has improved phishers’ ability to deceive individuals by producing well-formatted and sophisticated emails.
5) LinkedIn Slink: LinkedIn Slink, an unforeseen malicious workaround, has been observed.
6) Malicious Emails: Over 9 million malicious emails were detected in Q3 2023)
7) Content and Attachments: 110 million emails were attributed to malicious content, while 118 million were linked to malicious attachments.
8) Unknown Behaviors: Approximately 150,000 emails displayed previously unknown behaviors.
9) Delivery Methods: Link-based delivery was favored by threat actors, accounting for 58%, while attachments represented 42%.
10) Heuristic Approaches: Combined heuristic approaches were more effective in detecting spam instances compared to signature-based detection methods.
VIPRE identified over one million spam incidents using combined heuristics.
The report concludes that email threats continue to challenge cybersecurity teams and highlights the rapid evolution of cybercriminal tactics.
It emphasizes the necessity of understanding and combating these threats, leveraging knowledge of attack methods and trends to enhance organizational security measures.
The report also highlights the increasing use of AI tools by cybercriminals to create more convincing emails that are difficult to distinguish from legitimate communications.
Link: https://vipre.com/resources/press-releases/vipre-releases-q3-2023-email-threat-trends-report/

Categories:

Tags: