ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Overview
News
Currencies
International
Treasuries

VIPRE Security Group’s Q3 2023 Email Threat Report: More Malicious Links, AI Improves Phisher Dupes

By: PRUnderground

VIPRE’s research also reveals PDFs, callback phishing and malware Via Google Drive growing in popularity among criminals.

(PRUnderground) October 19th, 2023

VIPRE Security Group, a global leader and award-winning cybersecurity, privacy and data protection company, today released its Q3 Email Threat Trends Report 2023. Analyzing nearly two billion emails, the report finds that cybercriminals are adapting their methods to reflect changing consumer habits, alongside capitalizing on evolving technology to deceive and evade getting caught.

Threat actors are increasingly hiding malicious links in Google Drive and other cloud storage spaces; PDFs as a malspam delivery tool have more than quadrupled since Q1 this year; and callback phishing and user-friendly Redline malware is on the rise.

Also, ChatGPT continues to improve phishers’ ability to dupe, and LinkedIn Slink is an unforeseen malicious workaround.

Key highlights of the report include:

  • 233.9 million malicious emails detected in Q3 2023
  • 110 million emails attributed to malicious content, 118 million to malicious attachments
  • 150,000 emails displayed previously unknown behaviors.
  • Threat actors favor link-based delivery (58%) over attachments (42%).
  • Combined heuristic approaches detected roughly 10 times more spam instances than a similar signature-based detection approach

It’s clear from these findings that email threats remain a thorn in the side of cybersecurity teams. The 150,000 emails containing newly created exploits represent a concerning shift in the landscape.

Cybercriminals are also changing their delivery methods to reflect changing consumer habits. As cloud storage services have grown in popularity, so have they developed as a malspam delivery method, accounting for 67% of all malspam delivery methods in Q3 2023. Legitimate, compromised websites made up the remaining 33%.

Leveraging combined heuristics (Yara Rules) to significant effect in Q3 2023, VIPRE identified more than one million spam incidents across two distinct subsets: legacy heuristic rules caught 810,000, while new heuristic rules reeled in more than 72,000. To put this into perspective, traditional, signature-based approaches identified 150,000 overall. These numbers, again, represent a shift in the email security landscape as older defensive technologies struggle to keep pace with phishing-as-a-service offerings and an onslaught of novel malware models.

“It’s clear that the email threat landscape and cybercriminals are undergoing a period of rapid and dramatic evolution. Cybercriminals are extremely capable, informed, and effective; we mustn’t underestimate them,” said Usman Choudhary, chief product and technology officer at VIPRE. “However, by exposing cybercriminal attack methods and trends, through this report we aim to empower organizations to combat those who seek to do them harm. As the adage goes, one must know their enemy. This report will help the industry achieve that goal.”

The report also reveals how cybercriminals are increasingly utilizing AI tools to make their emails more believable. Only recently, many, if not most, spoof emails were betrayed by poor grammar, spelling mistakes, or strange formatting. Generative AI tools such as ChatGPT have made this detection method largely obsolete; at the click of a button, cybercriminals can produce literate, well-formatted emails that few can distinguish from legitimate communications.

To read the full Q3 Email Threat Trends Report 2023, download the full report here: https://www.vipre.com/email-threats-latest-trends-q3-2023. This is the third consecutive quarterly report. VIPRE leverages its unique understanding of email security to equip organizations with the information needed to protect themselves in the following quarter.

About VIPRE Security Group

VIPRE Security Group is a leading provider of internet security solutions purpose-built to protect businesses, solution providers, and home users from costly and malicious cyber threats. With more than 25 years of industry expertise, VIPRE is one of the world’s largest threat intelligence clouds, delivering exceptional protection against today’s most aggressive online threats. Its award-winning software portfolio includes next-generation antivirus endpoint cloud solutions, advanced email security products, along with threat intelligence for real-time malware analysis, and security awareness training for compliance and risk management. VIPRE solutions deliver easy-to-use, comprehensive layered defense through cloud-based and server security, with mobile interfaces that enable instant threat response. VIPRE is a proud Advanced Technology Partner of Amazon Web Services operating globally across North America and Europe. The group operates under various brands, including VIPRE®, StrongVPN®, IPVanish®, Inspired eLearning®, Livedrive®, and SugarSync®. www.VIPRE.com

The post VIPRE Security Group’s Q3 2023 Email Threat Report: More Malicious Links, AI Improves Phisher Dupes first appeared on

Press Contact

Name: Scott E. Rupp
Phone: 941-448-7566
Email: Contact Us

Original Press Release.

Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.