Scammers favor malicious URLs over attachments in e-mail phishing assaults


Emails containing malicious URLs made up 88 p.c of all messages with malware-infested hyperlinks and attachments, underscoring the dominance of URL-based e-mail threats.

The findings — disclosed in cybersecurity firm Proofpoint’s quarterly threat report for the month ending September — reveal the evolving sophistication of social engineering assaults focusing on customers and organizations.

“E-mail-based threats are among the many oldest, most pervasive, and widespread cybersecurity threats hitting organizations worldwide,” Chris Dawson, Risk Intelligence Lead at Proofpoint, advised TNW.

“From large malware campaigns focusing on thousands and thousands of recipients with banking Trojans to rigorously crafted e-mail fraud, the e-mail risk panorama is extraordinarily numerous, creating a variety of alternatives for risk actors to assault organizations,” Dawson added.

Another key tendencies to notice are the prevalence of sextortion campaigns, and the notable absence of Emotet botnet spam and ransomware assaults propagated through malicious emails.

“Ransomware continues to be a risk,” Dawson acknowledged. “Nevertheless, with quickly dropping cryptocurrency valuations, risk actors are having a tougher time monetizing their ransomware campaigns. As an alternative they’re turning to ‘quieter’ infections with banking Trojans and downloaders that may probably sit on contaminated machines for prolonged intervals, gathering knowledge, mining cryptocurrency, sending spam, and extra.”