Taking a Gander at Threats Inside Malicious Emails

The COVID-19 pandemic not only disrupted the normal way of life globally but also gave rise to various web-phishing attacks.

Up-to-the-minute stats

  • In the first half of 2020, Group-IB found that 43% of malicious emails had spyware as attachments or links that led to their download.
  • Backdoors and banking trojans accounted for 16% and 15% of the malicious payloads, respectively.
  • Ransomware had a share of less than 1% among the malicious emails.

Notable attacks pertinent to the above stats

  • The Transparent Tribe APT group was found deploying new Android spyware for cyberespionage purposes.
  • After an interlude of several months, the Zeppelin ransomware came back to the arena. It came with a new trojan downloader and has been targeting the healthcare and technology sectors.
  • A creative phishing campaign has popped up that leverages an email template pretending to be a reminder to finish a security awareness training from a renowned security organization.

Cyberthreat chronicles

  • Online services were the primary target of web-phishers. The ecommerce sector is especially lucrative as cybercriminals can steal user credentials to gain access to victims’ payment information.
  • After online services came email service providers and financial organizations. The chief web-phishing target categories include cloud storages, payment info, dating websites, and social networking sites.
  • As per experts, the desire for more profits are likely to result in the surge of targeted ransomware attacks.

The takeaway

This year marked a substantial increase in cyberattacks, mainly pertaining to the coronavirus pandemic. With the increasing sophistication and evolution of threat actors, businesses and organizations are recommended to increase their cybersecurity spending and vigilance, especially to secure the remote work environment.