Email at heart of cyber-attacks

Email at heart of cyber-attacks

New research from cyber security provider Hornetsecurity has revealed that 40.5% of work emails are unwanted

Hornetsecurity’s Cyber Security Report 2023, which analysed more than 25 billion work emails, also reveals significant changes to the nature of cyber-attacks in 2022 – indicating the constant growing threats to email security and need for caution in digital workplace communications.

Phishing remains the most common style of email attack, representing 39.6% of detected threats. Threat actors used the following file types sent via email to deliver payloads: Archive files (Zip, 7z etc.) sent via email make up 28% of threats, down from last year's 33.6%, with HTML files increasing from 15.3% to 21%, and DOC(X) from 4.8% to 12.7%.

Commenting on the report findings, Hornetsecurity CEO, Daniel Hofmann, says: "This year's cyber security report shows the steady creep of threats into inboxes around the world. The rise in unwanted emails, now found to be nearly 41%, is putting email users and businesses at significant risk. What's more, our analysis identified both the enduring risk and changing landscape of ransomware attacks – highlighting the need for businesses and their employees to be more vigilant than ever."

False security of Microsoft Teams
New cybersecurity trends and techniques for organisations to watch out for were also tracked. Since Microsoft disabled macros settings in Office 365, there has been a significant increase in HTML smuggling attacks using embedded LNK or ZIP files to deliver malware.

Microsoft 365 makes it easy to share documents and end users often overlook the ramifications of how files are shared, as well as the security implications. Hornetsecurity found 25% of respondents were either unsure or assumed that Microsoft365 was immune to ransomware threats.

Hofmann adds: "For these attackers, every industry is a target. Companies must therefore ensure comprehensive security awareness training while implementing next-gen preventative measures to ward off threats. Ongoing training should be in place to prevent fraudsters from manipulating the trust people have in Microsoft and other office systems, and to counteract the psychological tricks applied by attackers. As usage of cloud services continues to grow and more users turn to MS Teams to share business information, it’s also critical to ensure all data shared via this platform is backed up."

Shifting targets: brand impersonations
Cyber threats go beyond email and business communication platforms, however. Brand impersonation attacks continue to rise, even on corporate social media, with LinkedIn growing to 22.4% of detected global brand impersonation threats, an increase of 3.5% compared with last year. Cybercriminals use platforms like LinkedIn to determine job information and use this to gain access to company resources through social engineering. Organisations and their employees must always exercise caution when receiving work emails – both those that are unwanted and also may be from malicious impersonators.

You can download the full Cyber Security Report 2023 here.

Hornetsecurity is hosting a Cyber Security Roundtable on 30 November, in which a panel of security experts will discuss the report findings and key strategies to building cyber security resilience in 2023. You can register for the event here

COURTESY :- https://computingsecurity.co.uk/article.php?article_id=12699&Mag=Security

Desai Tech Solutions
096388 43229
https://maps.app.goo.gl/iCELbSwf3R9N9UyA8

https://g.page/r/CWEqpEFKS_P8EAI/review

Comments

Post a Comment

Popular posts from this blog

How Google reinvented security and eliminated the need for firewalls

Image
How Google reinvented security and eliminated the need for firewalls In some ways, Google is like every other large enterprise. It had the typical defensive security posture based on the concept that the enterprise is your castle and security involves building moats and walls to protect the perimeter. By Neal Weinberg Executive Features Editor, Network World | Feb 15, 2017 10:48 AM SAN FRANCISCO -- In some ways, Google is like every other large enterprise. It had the typical defensive security posture based on the concept that the enterprise is your castle and security involves building moats and walls to protect the perimeter. Over time, however, that perimeter developed holes as Google’s increasingly mobile workforce, scattered around the world, demanded access to the network. And employees complained about having to go through a sometimes slow, unreliable VPN. On top of that, Google, like everyone else, was moving to the cloud, which was also outside of the cast
Read more

7 free alternatives to Microsoft Office you can consider

Image
  7 free alternatives to Microsoft Office you can consider Microsoft Office is one of the most-popular productivity suites globally. It is used by companies worldwide for spreadsheets, Word, PowerPoint and more. However, it really does not come cheap. if you are are looking for some more affordable/free alternatives, here are seven that you can look at:   Google Workspace Google Workspace is one of the most popular alternatives to Microsoft Office. It is free and offers users 15GB of cloud storage for storing files, mails, attachments and more. Workspace includes several Google apps and services including Google Docs, Sheets, Slides as an alternative to Word, Excel and Powerpoint. It also includes Google Drive, alternative for Microsoft OneDrive.   iWork is another good free alternative to Microsoft Office, but it is best suited for Apple users (Mac, iPhone and iPad). There’s a web-version too, but it has limited functionality. In terms of Apple iWork offers Pages, Numbers and Keynote
Read more