VIPRE Security Group 2023 Email Security Report Reveals Cybercriminals Posing as MFA Vendors

VIPRE Security Group today announced the release of their Email Security in 2023 Report. The report provides an analysis of the latest trends in email security and recommendations on how to stay ahead of emerging malicious threats. This year’s report found that cybercriminals are increasingly posing as Multi-factor Authentication vendors and small businesses are becoming more popular targets.

VIPRE processes more than one million unique malware samples daily, scans more than 1.2 billion emails per month, and has secured over 20 million endpoints in more than 25 years in business. If there’s an email threat – VIPRE knows about it.

According to the report:

• Financial institutions (48%) are still the most targeted sector by a wide margin.
• Insider attacks now take on average 85 days to contain – up from 77 days the previous year.
• The most common phishing links are compromised websites (52%), newly registered domains (39%), and subdomain cybersquatting (9%).

The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links. Not to be forgotten, the technologically static attachment still is a popular nesting ground for malicious scripts and macros. Also, the US overtook Russia as the top spam originator among VIPRE customers. However, look with scrutiny: most of the world’s servers are in North America, so you can’t always take a US IP at face value.

“It’s one thing to get a siloed view from a single customer. It’s another to get a year’s worth of data from thousands of email clients across the globe,” said Usman Choudhary, chief product and technology officer at VIPRE. “You can speculate about emerging threats all you want, but the facts don’t lie.”

“It takes international resources, experienced analysis, and enterprise-level technology that only an experienced email security provider can offer to create a report like this. We know the experience we have in this space is unique, and the SME community might not get this type of information elsewhere, at least not on the scale or with the scope that we can offer it and we’re pleased to make this valuable resource available.”

Addressing the challenges of email-based threats

To combat emerging email-based threats, VIPRE’s new report highlights four recommendations that will enable businesses and their employees to fortify themselves against opportunistic email attacks:

• Cybercriminals are posing as MFA vendors. Think twice before you open Push notifications: Black Hats are jumping on the security bandwagon and posing as White Hat technologies. Accept a Push from the app only and beware of texts and pop-ups.
• Watch for an uptick in job-related spam. Cybercriminals know you (and everyone else) are looking for remote jobs and willing to interview online. Know the signs of fraud and how to keep professional platform interactions above-board.
• Spotify outranked Microsoft as the most spoofed brand. Stay leery when renewal time comes around: You’re not the only one with the date on your calendar. Even though it’s not a haul, cybercriminals are happy to get paid via a subscription-based model.
• As-a-Service models are out-of-control. Get ready for even more shotgun-spray attacks as the underground as-a-Service economy makes it easier than ever for novices to become bad guys. With a lower bar to entry, more will play, and SMBs will be at the top of beginner’s hit lists.

About the VIPRE Email Security in 2023 Report

VIPRE’s 2023 Email Security Report is the proud cumulation of thousands of international customers, multiple corporate email servers, millions of malware scans, billions of emails, and hundreds of hours of analysis over the past twelve months.

To find out more about VIPRE and the trends and predictions of email threats in 2023, you can download the full report here.

About VIPRE Security Group

VIPRE Security Group is a leading provider of internet security solutions purpose-built to protect businesses, solution providers, and home users from costly and malicious cyber threats. With more than 25 years of industry expertise, VIPRE is one of the world’s largest threat intelligence clouds, delivering exceptional protection against today’s most aggressive online threats. Its award-winning software portfolio includes next-generation antivirus endpoint cloud solutions, advanced email security products, along with threat intelligence for real-time malware analysis, and security awareness training for compliance and risk management. VIPRE solutions deliver easy-to-use, comprehensive layered defense through cloud-based and server security, with mobile interfaces that enable instant threat response. VIPRE is a proud Advanced Technology Partner of Amazon Web Services operating globally across North America and Europe. The group operates under various brands, including VIPRE®, StrongVPN®, IPVanish®, Inspired eLearning®, Livedrive®, and SugarSync®. www.VIPRE.com