Attackers have long preferred email for distributing malicious programs. The method was, and still is, in vogue for a simple reason: it’s effective. Email communication has evolved over the last decade. It started out as an exchange of simple text and soon incorporated various multimedia content for more effective communication. This also means email could potentially be used for things that were unimaginable before. For example, distributing ransomware through an email wasn’t possible at a time when emails couldn’t carry attachments.
Emails are now capable of taking an entire organization down in a matter of minutes. All kinds of malicious activity are carried out via email, including ransomware attacks, malware infection, phishing campaigns, whaling, Business Email Compromise (BEC) and much more. A recent study revealed that over half of the emails received in a user’s inbox are spam. This poses a serious risk to individuals and organizations. Let’s take a look at the threats that spread through email.
Ransomware is malware that, once dropped onto the target system, encrypts and locks the data on the computer and, in some cases, on the network. The data is held hostage until a specified ransom is paid via Bitcoin. WannaCry, a ransomware that sent shockwaves across the globe, was distributed via an email attachment. Locky and Jaff, two more ransomware strains that ruffled the feathers of some enterprises, also deserve a special mention.
Spear phishing is a method of attacking a specific individual or organization through a highly customized phishing email, unlike mass phishing emails. Here, the goal and the target are known in advance. Much effort is therefore put into crafting these emails, which may also involve social engineering. No surprise: spear phishing has one of the highest success rates. State-sponsored phishing attacks rely heavily on spear phishing campaigns.
Business Email Compromise
This method involves a cybercriminal impersonating a CEO or a senior-level executive and demanding information via email. Many times, the email addresses use spoofed domains that are strikingly similar to those of the legitimate companies, and one needs to look a bit closer to unveil the duplicity of such emails. It is now a globally prevailing problem and seems to be catching on quickly.
These threats are only going to grow in the future, with email as their primary vector for spreading malicious programs. However, there are a few measures that an individual or an enterprise should adopt to keep threats at bay. These include installing a sophisticated endpoint protection system, bringing employees’ personal devices under organizational IT policies, analyzing content and patterns, dynamic IP blacklisting, email authentication and much more. Based on your budget, you may choose to implement one or more of these measures to keep your network guarded.