Security Market Segment LS
Friday, 13 March 2020 02:20

Phishing-related threats majority of high-risk email threats blocked in 2019, says security firm Featured

By

More than 12.7 million high risk email threats were blocked in 2019 by one global security firm, with 11 million of the emails phishing-related, making up 89% of all blocked emails.

Of these, security firm Trend Micro detected 35% more credential phishing attempts than in 2018, with the number of unknown phishing links in the attacks jumping from just 9% of the total to more than 44% in 2019 - with the company suggesting this may demonstrate that scammers are registering new sites to avoid detection.

According to Trend Micro the email attacks involved its customer leveraging cloud-based email services from Microsoft and Google - with the second layer of defence catching threats beyond those detected by the cloud email services’ built-in security.

“Organisations are leveraging the power of SaaS-based applications in greater numbers to drive productivity, cost savings and growth. However, in doing so they may be opening themselves up to risk if they only rely on built-in security,” said Mick McCluney, Technical Director at Trend Micro ANZ.

“As our report shows, built in security is not enough on its own to stop today’s cybercriminals. Businesses must take ownership of cloud protection and find a multi-layered third-party solution to enhance their platform’s native security functionality.”

The report also shows that criminals are getting better at tricking the first layer of defence against Business Email Compromise (BEC) attacks, which typically look at attacker behaviours and intention analysis of the email content.

The percentage of BEC attacks caught by AI-powered authorship analysis increased from 7% in 2018 to 21% in 2019, reports Trend Micro

Emerging phishing techniques outlined in the report include the increasing use of HTTPS and targeting Office 365 administrator accounts, enabling malicious hackers to hijack all connected accounts on the targeted domain and use them to send malware, launch convincing BEC attacks and more.

To this end, Trend Micro says it blocked nearly 400,000 attempted BEC attacks - 271% more than in 2018.

In the face of such threats, Trend Micro recommends organisations take the following mitigation steps:

  • Move away from a single gateway to a multi-layered cloud app security solution
  • Consider sandbox malware analysis, document exploit detection, and file, email, and web reputation technologies to detect malware hidden in Office 365 and PDF documents
  • Enforce consistent data loss prevention (DLP) policies across cloud email and collaboration apps
  • Choose a security partner that can offer seamless integration into their cloud platforms, preserving user and admin functions
  • Develop comprehensive end user awareness and training programs.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.

REGISTER HERE!

LAYER 1 ENCRYPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Peter Dinham

Peter Dinham - retired and is a "volunteer" writer for iTWire. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments