Third Quarter 2017 Witnessed 600% Rise in URL e-Mails Delivering Malware
The recently published Quarterly Threat Report by Proofpoint tells that malware-laced e-mails which deliver banking Trojans and ransomware programs increased during July-September 2017. Simultaneously, techniques of targeted attacks and social engineering became more sophisticated.
Furthermore, the volume of malware-laced e-mails rose 85% from the second quarter. The rise was mainly because of a large scale e-mail distribution that contained harmful URLs delivering malware. The scale can be measured with a 600% rise in volume from Q2 (April-June) as well as over 2,200% from last year. This is the maximum number of e-mails containing malware prone URLs unlike e-mail assaults based on harmful attachments ever-since 2014.
The largest scale of e-mails with malicious URLs was seen during 2-yrs-and-more, says Proofpoint. The threat category on No.1 was ransomware being responsible for almost 64% of total e-mail attacks. Among the ransomware strains, Locky alone accounted for nearly 55% of the entire e-mail volume while over 86% of the total ransomware strains.
The next threat accounting for 24% of all malware was banking Trojan. A sample known as "The Trick" comprised 70% of all malware threats exceeding the Dridex banker Trojan. Fraudulent e-mails increased 12% in the number of times distributed to the targeted organization since January-March 2017 and 32% since 2016. Attacks involving exploit kits were still far lower compared to the 2016 peak it showed, whilst of all exploit kits, the RIG exploit kit was behind 76 percent of the total activity. Infosecurity-magazine.com posted this, October 26, 2017.
Also, whilst there was a fall in exploit kit attacks during 2016, cyber-criminals who continued to utilize them currently added tools for social engineering to the campaigns. Evidently therefore, hackers haven't stopped with the use of exploits merely since they're more difficult to find as well as obtain.
With threat actors still relying on social engineering as bait for victims, fraudulent support too made up twice the volume since Q3-2016. The total bogus customer support A/Cs to carry out "angler phishing," involving creation of phony Twitter accounts mimicking client support accounts, increased 5 percent from Q2. And the total number of spoofed web-links across popular social media sites increased 10%.
» SPAMfighter News - 01-11-2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!