New study of billions of emails reveals cyber criminals’ methods

VIPRE Security Group handles over 1.2 billion emails per month and has mapped out how the IT criminals attack you via emails with its latest EmailSecurity Report.

The IT security company VIPRE Security Group has just launched the latest Email Security in 2023-rapporta report that goes in depth on email security and the methods that IT criminals use to target businesses and individuals via emails.

The latest report shows that cybercriminals are increasingly impersonating multi-factor authentication providers to defraud small businesses in particular.

New study of billions of emails reveals cyber criminals' methodsThe report concludes, among other things, that:

  • Financial institutions (48 percent) are clearly the sector most affected by cybercrime via emails.
  • Insider attacks take up to 85 days to frame and fix – up from 77 days last year.
  • The most common phishing links are distributed between compromised websites (52 percent), newly registered domains (39 percent) and subdomain “squatting” (9 percent).

VIPRE detects and reviews over one million unique malware samples every single day as the company observes 1.2 billion emails each month via the 20 million endpoint devices the company has protected over the past 20 years. If there is an email threat, VIPRE Security Group is aware of it.

“Malspam” is exploding
The report also concludes that the amount of attachment-based “malspam” (malware + spam) increased by 22 percent compared to link-based malspam. The report also shows that the US now surpasses Russia as the country where most spam comes from. However, it must be said that the majority of the world’s servers are located in the USA, which is most likely the explanation.

“It is one thing to get an overview from a single customer. It’s another thing to get a year’s worth of data from thousands of email clients around the globe. You can speculate about new threats all you want, but facts don’t lie. It takes international resources, experienced analysts and enterprise-level technology to create a report like this,” says Usman Choudhary, chief product and technology officer at VIPRE.

Focus on email-based IT security threats
Businesses and organizations can use the report to map their area of ​​focus to meet the drastic increase in email threats. In particular, they should look at:

  • Cybercriminals pretend to be MFA providers: Think before you press a push notification on your phone – IT criminals start impersonating the authentication services (multi-factor authentication) – therefore only click on links to apps and not in emails.
  • Job-related spam: Cybercriminals know that you (and many others) are looking for a flexible job and are willing to have an interview online. Be skeptical of any headhunters who seem too good to be true.
  • Spotify var mere ”spoofed” end Microsoft: In the past, Microsoft was the most used brand for phishing emails, but now Spotify has overtaken it: Spotify renewal emails are being used by IT criminals to cheat your bank details out of you for fear of losing access to the latest Harry Styles tracks.
  • As-a-Service is out-of-control: Expect to see more scattershot attacks as the “as-a-service” industry of cybercriminals makes it easier for novices to create even advanced malware attacks. This means that SMEs must expect far more attacks, because it has become cheaper for the IT criminals to carry out several attacks at once.

Source: IT-Kanalen by

*The article has been translated based on the content of IT-Kanalen by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!